From: Mark Nudelman <markn@greenwoodsoftware.com>
Date: Fri, 7 Oct 2022 19:25:46 -0700
Subject: End OSC8 hyperlink on invalid embedded escape sequence.
Origin: upstream, https://github.com/gwsw/less/commit/a78e1351113cef564d790a730d657a321624d79c
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2022-46663
Bug-Debian: https://bugs.debian.org/1030825
Applied-Upstream: 609

---
 line.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/line.c b/line.c
index 236c49aecfe1..cba7bdd1e614 100644
--- a/line.c
+++ b/line.c
@@ -633,8 +633,8 @@ ansi_step(pansi, ch)
 		/* Hyperlink ends with \7 or ESC-backslash. */
 		if (ch == '\7')
 			return ANSI_END;
-		if (pansi->prev_esc && ch == '\\')
-			return ANSI_END;
+		if (pansi->prev_esc)
+            return (ch == '\\') ? ANSI_END : ANSI_ERR;
 		pansi->prev_esc = (ch == ESC);
 		return ANSI_MID;
 	}
-- 
2.39.1