isa/mutter
1
0
Fork 0
mirror of https://github.com/brl/mutter.git synced 2024-09-20 14:35:48 -04:00
Code Issues Packages Projects Releases Wiki Activity

[text] Crash when multi-byte utf8 text exceeds max_length

Browse Source 
Bug 1500 - [Patch] clutter_text crash with non one-byte utf8 text exceed
           max_length

In clutter_text_set_text_internal(), when text length in character is greater
than max_length, and there are multi-byte character in it, then the new text
string buffer is not malloc()'ed with right length. This will cause the app to
crash with segmention fault.

Signed-off-by: Emmanuele Bassi <ebassi@linux.intel.com>
This commit is contained in:
Raymond Liu 2009-03-11 14:35:26 +08:00 committed by Emmanuele Bassi
parent a83a5d5593
commit 039e282a40
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
clutter/clutter-text.c
View File

@ -2810,7 +2810,8 @@ clutter_text_set_text_internal (ClutterText *self,
}
else
{
gchar *n = g_malloc0 (priv->max_length + 1);
gchar *p = g_utf8_offset_to_pointer (text, priv->max_length);
gchar *n = g_malloc0 ((p - text) + 1);
g_free (priv->text);