diff options
| author | Bram Moolenaar <Bram@vim.org> | 2020-06-16 20:58:07 +0200 |
|---|---|---|
| committer | Bram Moolenaar <Bram@vim.org> | 2020-06-16 20:58:07 +0200 |
| commit | a6e8bf2d8929ef52eeda495e0e0c3d2bff8f5830 (patch) | |
| tree | 6c315aa0176c618c6bcffb21bd2c9c9aa04b8bfd | |
| parent | 84cf6bd81bec93b49166cd48fccc7087fdbaa6fc (diff) | |
patch 8.2.0989: crash after resizing a terminal windowv8.2.0989
Problem: Crash after resizing a terminal window. (August Masquelier)
Solution: Add check for valid row in libvterm. (closes #6273)
| -rw-r--r-- | src/libvterm/src/screen.c | 6 | ||||
| -rw-r--r-- | src/libvterm/src/state.c | 11 | ||||
| -rw-r--r-- | src/version.c | 2 |
3 files changed, 19 insertions, 0 deletions
diff --git a/src/libvterm/src/screen.c b/src/libvterm/src/screen.c index 3e72e4bbe6..e5d740b2d6 100644 --- a/src/libvterm/src/screen.c +++ b/src/libvterm/src/screen.c @@ -280,6 +280,12 @@ static int erase_internal(VTermRect rect, int selective, void *user) for(col = rect.start_col; col < rect.end_col; col++) { ScreenCell *cell = getcell(screen, row, col); + if (cell == NULL) + { + DEBUG_LOG2("libvterm: erase_internal() position invalid: %d / %d", + row, col); + return 1; + } if(selective && cell->pen.protected_cell) continue; diff --git a/src/libvterm/src/state.c b/src/libvterm/src/state.c index a621822333..dd25726db1 100644 --- a/src/libvterm/src/state.c +++ b/src/libvterm/src/state.c @@ -16,6 +16,12 @@ static int on_resize(int rows, int cols, void *user); static void putglyph(VTermState *state, const uint32_t chars[], int width, VTermPos pos) { VTermGlyphInfo info; + + if (pos.row >= state->rows) + { + DEBUG_LOG2("libvterm: putglyph() pos.row %d out of range (rows = %d)\n", pos.row, state.rows); + return; + } info.chars = chars; info.width = width; info.protected_cell = state->protected_cell; @@ -283,6 +289,11 @@ static int on_text(const char bytes[], size_t len, void *user) VTermPos oldpos = state->pos; + if (state->pos.row >= state->rows) + { + DEBUG_LOG2("libvterm: on_text() pos.row %d out of range (rows = %d)\n", state->pos.row, state.rows); + return 0; + } // We'll have at most len codepoints, plus one from a previous incomplete // sequence. codepoints = vterm_allocator_malloc(state->vt, (len + 1) * sizeof(uint32_t)); diff --git a/src/version.c b/src/version.c index e1a41fb435..d69b5608fb 100644 --- a/src/version.c +++ b/src/version.c @@ -755,6 +755,8 @@ static char *(features[]) = static int included_patches[] = { /* Add new patch number below this line */ /**/ + 989, +/**/ 988, /**/ 987, |