Mercurial > vim
changeset 20957:2f2bc98a8dfb v8.2.1030
patch 8.2.1030: reducing size of a terminal window may cause a crash
Commit: https://github.com/vim/vim/commit/da58134eedf43ae4b9013c93ecbdf55e4da4b8a3
Author: Bram Moolenaar <Bram@vim.org>
Date: Sun Jun 21 17:57:32 2020 +0200
patch 8.2.1030: reducing size of a terminal window may cause a crash
Problem: Reducing size of a terminal window may cause a crash.
Solution: Make sure the row and column don't become negative. (closes https://github.com/vim/vim/issues/6273)
author | Bram Moolenaar <Bram@vim.org> |
---|---|
date | Sun, 21 Jun 2020 18:00:04 +0200 |
parents | be36cdf5d8a0 |
children | 4cfc5977d0fd |
files | src/libvterm/src/screen.c src/libvterm/src/state.c src/version.c |
diffstat | 3 files changed, 18 insertions(+), 10 deletions(-) [+] |
line wrap: on
line diff
--- a/src/libvterm/src/screen.c +++ b/src/libvterm/src/screen.c @@ -646,6 +646,12 @@ static int setlineinfo(int row, const VT newinfo->doubleheight != oldinfo->doubleheight) { for(col = 0; col < screen->cols; col++) { ScreenCell *cell = getcell(screen, row, col); + if (cell == NULL) + { + DEBUG_LOG2("libvterm: setlineinfo() position invalid: %d / %d", + row, col); + return 1; + } cell->pen.dwl = newinfo->doublewidth; cell->pen.dhl = newinfo->doubleheight; } @@ -773,6 +779,12 @@ static size_t _get_chars(const VTermScre ScreenCell *cell = getcell(screen, row, col); int i; + if (cell == NULL) + { + DEBUG_LOG2("libvterm: _get_chars() position invalid: %d / %d", + row, col); + return 1; + } if(cell->chars[0] == 0) // Erased cell, might need a space padding++;
--- a/src/libvterm/src/state.c +++ b/src/libvterm/src/state.c @@ -17,11 +17,6 @@ static void putglyph(VTermState *state, { VTermGlyphInfo info; - if (pos.row >= state->rows) - { - DEBUG_LOG2("libvterm: putglyph() pos.row %d out of range (rows = %d)\n", pos.row, state.rows); - return; - } info.chars = chars; info.width = width; info.protected_cell = state->protected_cell; @@ -289,11 +284,6 @@ static int on_text(const char bytes[], s VTermPos oldpos = state->pos; - if (state->pos.row >= state->rows) - { - DEBUG_LOG2("libvterm: on_text() pos.row %d out of range (rows = %d)\n", state->pos.row, state->rows); - return 0; - } // We'll have at most len codepoints, plus one from a previous incomplete // sequence. codepoints = vterm_allocator_malloc(state->vt, (len + 1) * sizeof(uint32_t)); @@ -1856,8 +1846,12 @@ static int on_resize(int rows, int cols, if(state->pos.row >= rows) state->pos.row = rows - 1; + if(state->pos.row < 0) + state->pos.row = 0; if(state->pos.col >= cols) state->pos.col = cols - 1; + if(state->pos.col < 0) + state->pos.col = 0; updatecursor(state, &oldpos, 1);