File xterm-CVE-2021-27135.patch of Package xterm.32862

Index: xterm-330/button.c
===================================================================
--- xterm-330.orig/button.c
+++ xterm-330/button.c
@@ -3798,6 +3798,7 @@ SaltTextAway(XtermWidget xw,
     TScreen *screen = TScreenOf(xw);
     int i, j = 0;
     int eol;
+    size_t have = 0;
     Char *line;
     Char *lp;
     CELL first = *cellc;
@@ -3823,7 +3824,11 @@ SaltTextAway(XtermWidget xw,
 
     /* UTF-8 may require more space */
     if_OPT_WIDE_CHARS(screen, {
-	j *= 4;
+        if (j > 0) {
+            if (screen->max_combining > 0)
+                j += screen->max_combining;
+	    j *= 6;
+        }
     });
 
     /* now get some memory to save it in */
@@ -3860,10 +3865,25 @@ SaltTextAway(XtermWidget xw,
     }
     *lp = '\0';			/* make sure we have end marked */
 
-    TRACE(("Salted TEXT:%d:%s\n", (int) (lp - line),
-	   visibleChars(line, (unsigned) (lp - line))));
-
-    screen->selection_length = (unsigned long) (lp - line);
+    have = (size_t) (lp - line);
+    /*
+     * Scanning the buffer twice is unnecessary.  Discard unwanted memory if
+     * the estimate is too-far off.
+     */
+    if ((have * 2) < (size_t) j) {
+       Char *next;
+       screen->selection_size = have + 1;
+       next = realloc(line, screen->selection_size);
+       if (next == NULL) {
+           free(line);
+           screen->selection_length = 0;
+           screen->selection_size = 0;
+       }
+       screen->selection_data = next;
+    }
+    screen->selection_length = have;
+    TRACE(("Salted TEXT:%d:%s\n", (int) have,
+	   visibleChars(screen->selection_data, (unsigned int) have)));
 }
 
 #if OPT_PASTE64