[dev] [st] [PATCH] Fix crash due to wide characters

From: Rian Hunter <rian+suckless-dev_AT_thelig.ht>
Date: Thu, 29 Jan 2015 15:06:43 -0800

In tputc(), when a character wasn't large enough to fit
on the current line, we would call tnewline() to place it on
the next line. Unfortunately, we weren't resetting our glyph
pointer and this caused memory corruption when a
wide character (width == 2) was being written. This patch
resets our glyph pointer after calls to tnewline().

---
 st.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/st.c b/st.c
index db9a332..6a68c3c 100644
--- a/st.c
+++ b/st.c
_AT_@ -2673,13 +2673,16 @@ tputc(char *c, int len) {
 	if(IS_SET(MODE_WRAP) && (term.c.state & CURSOR_WRAPNEXT)) {
 		gp->mode |= ATTR_WRAP;
 		tnewline(1);
+		gp = &term.line[term.c.y][term.c.x];
 	}
 
 	if(IS_SET(MODE_INSERT) && term.c.x+1 < term.col)
 		memmove(gp+1, gp, (term.col - term.c.x - 1) * sizeof(Glyph));
 
-	if(term.c.x+width > term.col)
+	if(term.c.x+width > term.col) {
 		tnewline(1);
+		gp = &term.line[term.c.y][term.c.x];
+	}
 
 	tsetchar(c, &term.c.attr, term.c.x, term.c.y);
 
-- 
2.1.4

Received on Fri Jan 30 2015 - 00:06:43 CET