From 666192d1c0b6964cebc907990f9a23fd80fa87e5 Mon Sep 17 00:00:00 2001
From: hongjinghao <hongjinghao@huawei.com>
Date: Thu, 16 Feb 2023 14:24:04 +0800
Subject: [PATCH] fix CVE-2022-46663

---
 ...nk-on-invalid-embedded-escape-sequen.patch | 27 +++++++++++++++++++
 less.spec                                     |  6 ++++-
 2 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 backport-End-OSC8-hyperlink-on-invalid-embedded-escape-sequen.patch

diff --git a/backport-End-OSC8-hyperlink-on-invalid-embedded-escape-sequen.patch b/backport-End-OSC8-hyperlink-on-invalid-embedded-escape-sequen.patch
new file mode 100644
index 0000000..16a24a6
--- /dev/null
+++ b/backport-End-OSC8-hyperlink-on-invalid-embedded-escape-sequen.patch
@@ -0,0 +1,27 @@
+From a78e1351113cef564d790a730d657a321624d79c Mon Sep 17 00:00:00 2001
+From: Mark Nudelman <markn@greenwoodsoftware.com>
+Date: Fri, 7 Oct 2022 19:25:46 -0700
+Subject: [PATCH] End OSC8 hyperlink on invalid embedded escape sequence.
+
+---
+ line.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/line.c b/line.c
+index 236c49a..cba7bdd 100644
+--- a/line.c
++++ b/line.c
+@@ -633,8 +633,8 @@ ansi_step(pansi, ch)
+ 		/* Hyperlink ends with \7 or ESC-backslash. */
+ 		if (ch == '\7')
+ 			return ANSI_END;
+-		if (pansi->prev_esc && ch == '\\')
+-			return ANSI_END;
++		if (pansi->prev_esc)
++    		        return (ch == '\\') ? ANSI_END : ANSI_ERR;
+ 		pansi->prev_esc = (ch == ESC);
+ 		return ANSI_MID;
+ 	}
+-- 
+2.27.0
+
diff --git a/less.spec b/less.spec
index 1e5ccae..03ca6f1 100644
--- a/less.spec
+++ b/less.spec
@@ -1,12 +1,13 @@
 Name:		less
 Version:	590
-Release:        1
+Release:        2
 Summary:	Less is a pager that displays text files.
 License:	GPLv3+ or BSD
 URL:		http://www.greenwoodsoftware.com/less
 Source0:	http://www.greenwoodsoftware.com/less/%{name}-%{version}.tar.gz
 Patch0:		less-394-time.patch
 Patch1:		less-475-fsync.patch
+Patch2:		backport-End-OSC8-hyperlink-on-invalid-embedded-escape-sequen.patch
 
 BuildRequires:	git gcc make ncurses-devel autoconf automake libtool
 
@@ -45,6 +46,9 @@ autoreconf -ivf
 %{_mandir}/man1/*
 
 %changelog
+* Thu Feb 16 2023 hongjinghao <hongjinghao@huawei.com> - 590-2
+- fix CVE-2022-46663
+
 * Fri Sep 24 2021 fuanan <fuanan3@huawei.com> - 590-1
 - update version to 590
 
-- 
Gitee