Fix a potential memory corruption in some cases

When processing words containing UTF-8 sequences in tab mode an insufficient amount of memory may be allocated for the display of these words, resulting in potential memory corruption.
author: pgen <p.gen.progs@gmail.com> 2022-05-24 23:19:55 +0200
committer: pgen <p.gen.progs@gmail.com> 2022-05-24 23:19:55 +0200
commit: 692bca0617d5451178dc594ea52e7bfb611ba8e1 (patch)
tree: 523ad26847cffc3509de0109e74e2fa7d3a90156 /smenu.c
parent: fd6694a3fba6fa87ed44819998ca1912431d5b32 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/smenu.c b/smenu.c
index d9054fe..b19200b 100644
--- a/smenu.c
+++ b/smenu.c
@@ -9214,8 +9214,11 @@ main(int argc, char * argv[])
   word_a[count].str = NULL;
 
   /* We can now allocate the space for our tmp_word work variable. */
+  /* augmented by the number of tabulation columns. This is not    */
+  /* optimal but the loss is tiny and we have the guarantee that   */
+  /* enough place will be allocated.                               */
   /* """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""" */
-  tmp_word = xcalloc(word_real_max_size + 1, 1);
+  tmp_word = xcalloc(word_real_max_size + tab_max_size + 1, 1);
 
   search_data.utf8_off_a = xmalloc(word_real_max_size * sizeof(long));
   search_data.utf8_len_a = xmalloc(word_real_max_size * sizeof(long));
author	pgen <p.gen.progs@gmail.com>	2022-05-24 23:19:55 +0200
committer	pgen <p.gen.progs@gmail.com>	2022-05-24 23:19:55 +0200
commit	692bca0617d5451178dc594ea52e7bfb611ba8e1 (patch)
tree	523ad26847cffc3509de0109e74e2fa7d3a90156 /smenu.c
parent	fd6694a3fba6fa87ed44819998ca1912431d5b32 (diff)