commit d29b9d5bd68cc1e428e44ea45d7de30dbb0272c1
parent 810d02c6a471ec0b92cefc46a554a7c0bebcdf33
Author: David Lawrence Ramsey <pooka109@gmail.com>
Date: Mon, 6 Jun 2005 03:17:07 +0000
fix another memory corruption problem in display_string() found by
valgrind
git-svn-id: svn://svn.savannah.gnu.org/nano/trunk/nano@2598 35c25a1d-7b9e-4130-9fde-d3aeb78583b8
Diffstat:
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/ChangeLog b/ChangeLog
@@ -141,6 +141,9 @@ CVS code -
do_statusbar_output()
- Don't set answer_len until after it's been asserted that
answer isn't NULL. (DLR)
+ display_string()
+ - Avoid a memory corruption problem by allocating enough space
+ for len plus a trailing multibyte character and/or tab. (DLR)
nanogetstr()
- Rename variable def to curranswer to avoid confusion. (DLR)
- Only declare and use the tabbed variable if DISABLE_TABCOMP
diff --git a/src/winio.c b/src/winio.c
@@ -2254,9 +2254,9 @@ char *display_string(const char *buf, size_t start_col, size_t len, bool
assert(column <= start_col);
- /* Allocate enough space for the entire line. It should contain
- * (len + 2) multibyte characters at most. */
- alloc_len = mb_cur_max() * (len + 2);
+ /* Allocate enough space for the entire line, accounting for a
+ * trailing multibyte character and/or tab. */
+ alloc_len = (mb_cur_max() * (len + 1)) + tabsize;
converted = charalloc(alloc_len + 1);
index = 0;
