[vte] widget: Protect fudge_pango_colors() against all-inclusive PangoAttributes

From: Carlos Garnacho <carlosg src gnome org>
To: commits-list gnome org
Cc:
Subject: [vte] widget: Protect fudge_pango_colors() against all-inclusive PangoAttributes
Date: Thu, 15 Feb 2018 14:25:53 +0000 (UTC)

commit 34a2b58573a4879fd3e07d1fd946b57e46234723
Author: Carlos Garnacho <carlosg gnome org>
Date:   Thu Feb 15 09:35:24 2018 +0100

    widget: Protect fudge_pango_colors() against all-inclusive PangoAttributes
    
    PangoAttribute documentation says "By default an attribute will have an
    all-inclusive range of [0,G_MAXUINT]". It seems legal to get that from IMs
    (referring to the pre-edit string), however the only caller of this
    function just relies on the attribute being within the VteCells range,
    leading to crashes.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=793480

 src/vte.cc |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/src/vte.cc b/src/vte.cc
index cef4c24..30a4178 100644
--- a/src/vte.cc
+++ b/src/vte.cc
@@ -9360,7 +9360,7 @@ VteTerminalPrivate::translate_pango_cells(PangoAttrList *attrs,
                                                                 list,
                                                                 cells +
                                                                 attr->start_index,
-                                                                attr->end_index -
+                                                                MIN(n_cells, attr->end_index) -
                                                                 attr->start_index);
                                g_slist_foreach(list,
                                                 (GFunc)pango_attribute_destroy,

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]