diff options
| author | Christian Hergert <chergert@redhat.com> | 2023-04-26 16:42:40 -0700 |
|---|---|---|
| committer | Christian Hergert <chergert@redhat.com> | 2023-04-27 09:17:34 -0700 |
| commit | 81bb1db5b058ce89aa615b3aa32e055c2087e84f (patch) | |
| tree | 9965590419aeed58d8f3db91b0f365ee3b65fc73 | |
| parent | 589b17aabdf49b8a215372b2f5284f79306ca105 (diff) | |
| download | gtksourceview-5-4.tar.gz | |
bufferoutputstream: be defensive about dereferencing nul bytegtksourceview-5-4
If we don't own the buffer, then we don't have a guarantee that the buffer
is one byte bigger than any count/length we've received. Mke sure to only
dereference that byte when we do.
Related #309
| -rw-r--r-- | gtksourceview/gtksourcebufferoutputstream.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/gtksourceview/gtksourcebufferoutputstream.c b/gtksourceview/gtksourcebufferoutputstream.c index b3f8e1dd..60e59f66 100644 --- a/gtksourceview/gtksourcebufferoutputstream.c +++ b/gtksourceview/gtksourcebufferoutputstream.c @@ -652,7 +652,8 @@ validate_and_insert (GtkSourceBufferOutputStream *stream, apply_error_tag (stream); - if ((nvalid != len || !owned) && buffer[nvalid] != '\0') + if (!owned || + (nvalid != len && buffer[nvalid] != '\0')) { /* make sure the buffer is always properly null * terminated. This is needed, at least for now, |