xtext: Fix overflow on long lines
xtext keeps a static buffer and uses it for various things and asserts that every text entry is < 4096. It does this check on gtk_xtext_append*() except it does the check only on the right half of text when indent is enabled. This overflow caused corruption in the xtext struct changing the url check functions making hovering with the mouse do 'undefined' things. In the long term this should be removed for a dynamically allocated buffer so no arbitrary size limit exists and text gets cut off. Fixes #1465 Fixes #1186 Fixes #1206
This commit is contained in:
Patrick Griffis
parent
1e914347d7
commit
c8539b93fe
|
|
@ -4649,8 +4649,8 @@ gtk_xtext_append_indent (xtext_buffer *buf,
|
|||
if (right_len == -1)
|
||||
right_len = strlen (right_text);
|
||||
|
||||
if (right_len >= sizeof (buf->xtext->scratch_buffer))
|
||||
right_len = sizeof (buf->xtext->scratch_buffer) - 1;
|
||||
if (left_len + right_len + 2 >= sizeof (buf->xtext->scratch_buffer))
|
||||
right_len = sizeof (buf->xtext->scratch_buffer) - left_len - 2;
|
||||
|
||||
if (right_text[right_len-1] == '\n')
|
||||
right_len--;
|
||||
|
|
@ -4670,6 +4670,9 @@ gtk_xtext_append_indent (xtext_buffer *buf,
|
|||
ent->str_len = left_len + 1 + right_len;
|
||||
ent->indent = (buf->indent - left_width) - buf->xtext->space_width;
|
||||
|
||||
/* This is copied into the scratch buffer later, double check math */
|
||||
g_assert (ent->str_len < sizeof (buf->xtext->scratch_buffer));
|
||||
|
||||
if (buf->time_stamp)
|
||||
space = buf->xtext->stamp_width;
|
||||
else
|
||||
|
|
|
|||
Loading…
Reference in New Issue