less/less-654-cve2024_32487fix.patch

diff -up less-590/output.c.cve2024_32487fix less-590/output.c
--- less-590/output.c.cve2024_32487fix	2021-06-03 19:45:48.000000000 +0200
+++ less-590/output.c	2024-08-06 21:41:26.672021477 +0200
@@ -31,6 +31,7 @@ extern int so_s_width, so_e_width;
 extern int screen_trashed;
 extern int is_tty;
 extern int oldbot;
+extern int utf_mode;
 
 #if MSDOS_COMPILER==WIN32C || MSDOS_COMPILER==BORLANDC || MSDOS_COMPILER==DJGPPC
 extern int ctldisp;
@@ -562,6 +563,7 @@ less_printf(fmt, parg)
 	PARG *parg;
 {
 	char *s;
+	constant char *es;
 	int col;
 
 	col = 0;
@@ -578,11 +580,17 @@ less_printf(fmt, parg)
 			{
 			case 's':
 				s = parg->p_string;
+				es = s + strlen(s);
 				parg++;
 				while (*s != '\0')
 				{
-					putchr(*s++);
-					col++;
+					LWCHAR ch = step_char(&s, +1, es);
+					constant char *ps = utf_mode ? prutfchar(ch) : prchar(ch);
+					while (*ps != '\0')
+					{
+						putchr(*ps++);
+						col++;
+					}
 				}
 				break;
 			case 'd':
diff -up less-590/prompt.c.cve2024_32487fix less-590/prompt.c
--- less-590/prompt.c.cve2024_32487fix	2024-08-06 16:14:26.980780434 +0200
+++ less-590/prompt.c	2024-08-06 21:43:10.415868469 +0200
@@ -29,6 +29,7 @@ extern int hshift;
 extern int sc_height;
 extern int jump_sline;
 extern int less_is_more;
+extern int utf_mode;
 extern IFILE curr_ifile;
 #if EDITOR
 extern char *editor;
@@ -90,13 +91,17 @@ init_prompt(VOID_PARAM)
 ap_str(s)
 	char *s;
 {
-	int len;
-
-	len = (int) strlen(s);
-	if (mp + len >= message + PROMPT_SIZE)
-		len = (int) (message + PROMPT_SIZE - mp - 1);
-	strncpy(mp, s, len);
-	mp += len;
+	constant char *es = s + strlen(s);
+	while (*s != '\0')
+	{
+		LWCHAR ch = step_char(&s, +1, es);
+		constant char *ps = utf_mode ? prutfchar(ch) : prchar(ch);
+		size_t plen = strlen(ps);
+		if (mp + plen >= message + PROMPT_SIZE)
+			break;
+		strcpy(mp, ps);
+		mp += plen;
+	}
 	*mp = '\0';
 }