This is slightly related to issue #271 but currently not seriously exploitable, just confusing. The command
echo -en "\e[4294967336B"
moves the cursor 42 lines down. This is unexpected since the fix for #271 set the upper limit to 65535, right? It turns out that there's an integer overflow in terminaldispatcher.cc on line
int val = strtol( segment_begin, &endptr, 10 );
where strtol actually returns "long int".
Prevent integer overflow of very large escape sequence params. Fixes #…