[text] Crash when multi-byte utf8 text exceeds max_length

Bug 1500 - [Patch] clutter_text crash with non one-byte utf8 text exceed
           max_length

In clutter_text_set_text_internal(), when text length in character is greater
than max_length, and there are multi-byte character in it, then the new text
string buffer is not malloc()'ed with right length. This will cause the app to
crash with segmention fault.

Signed-off-by: Emmanuele Bassi <ebassi@linux.intel.com>
This commit is contained in:
Raymond Liu 2009-03-11 14:35:26 +08:00 committed by Emmanuele Bassi
parent a83a5d5593
commit 039e282a40

View File

@ -2810,7 +2810,8 @@ clutter_text_set_text_internal (ClutterText *self,
}
else
{
gchar *n = g_malloc0 (priv->max_length + 1);
gchar *p = g_utf8_offset_to_pointer (text, priv->max_length);
gchar *n = g_malloc0 ((p - text) + 1);
g_free (priv->text);