commit bb1a0bd86c67685ec1c478e50d1e3a9d76ec209e
parent 8b2b9654ab8d3634b23362ad1234ddfdea295085
Author: Benno Schulenberg <bensberg@telfort.nl>
Date: Wed, 19 Feb 2020 18:47:22 +0100
input: after reallocating a string, do not write to its old address
The old address has become invalid, and probably does not have enough
room for the write, thus causing a crash.
This fixes https://savannah.gnu.org/bugs/?57858.
Bug existed since commit 8625609c from two days ago.
Diffstat:
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/nano.c b/src/nano.c
@@ -1639,7 +1639,6 @@ void process_a_keystroke(void)
void inject(char *burst, size_t count)
{
size_t datalen = strlen(openfile->current->data);
- char *thepoint = openfile->current->data + openfile->current_x;
#ifndef NANO_TINY
size_t original_row = 0, old_amount = 0;
@@ -1667,8 +1666,10 @@ void inject(char *burst, size_t count)
/* Make room for the new bytes and copy them into the line. */
openfile->current->data = charealloc(openfile->current->data,
datalen + count + 1);
- memmove(thepoint + count, thepoint, datalen - openfile->current_x + 1);
- strncpy(thepoint, burst, count);
+ memmove(openfile->current->data + openfile->current_x + count,
+ openfile->current->data + openfile->current_x,
+ datalen - openfile->current_x + 1);
+ strncpy(openfile->current->data + openfile->current_x, burst, count);
#ifndef NANO_TINY
/* When the mark is to the right of the cursor, compensate its position. */
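Review bot: The insertion address `openfile->current->data + openfile->current_x` is now written out three times in the new memmove/strncpy lines, so a later edit can easily change one copy and not the others. Taking it once, after the `charealloc` call, keeps the fix intact and reads better: `char *thepoint = openfile->current->data + openfile->current_x;`. A comment on that line such as `/* Take this pointer only after the realloc, which may move the line. */` would record why the earlier declaration was dropped. The memmove length `datalen - openfile->current_x + 1` is unsigned and wraps if current_x ever exceeds datalen; nothing visible here checks that, so confirm the invariant holds in the part of inject() outside this hunk.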