From 858af2505fe80e4175121ada95714443ea63e4de Mon Sep 17 00:00:00 2001
From: Hisham Muhammad <hisham@gobolinux.org>
Date: Mon, 26 Feb 2018 11:05:12 -0300
Subject: Protect against overflows in RichString_setAttrn

---
 RichString.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'RichString.c')

diff --git a/RichString.c b/RichString.c
index e7dd4e83..370566a8 100644
--- a/RichString.c
+++ b/RichString.c
@@ -63,6 +63,10 @@ typedef struct RichString_ {
 
 }*/
 
+#ifndef CLAMP
+#define CLAMP(x,low,high) (((x)>(high))?(high):(((x)<(low))?(low):(x)))
+#endif
+
 #define charBytes(n) (sizeof(CharType) * (n)) 
 
 static void RichString_extendLen(RichString* this, int len) {
@@ -103,6 +107,7 @@ static inline void RichString_writeFrom(RichString* this, int attrs, const char*
 
 inline void RichString_setAttrn(RichString* this, int attrs, int start, int finish) {
    cchar_t* ch = this->chptr + start;
+   finish = CLAMP(finish, 0, this->chlen - 1);
    for (int i = start; i <= finish; i++) {
       ch->attr = attrs;
       ch++;
@@ -132,6 +137,7 @@ static inline void RichString_writeFrom(RichString* this, int attrs, const char*
 
 void RichString_setAttrn(RichString* this, int attrs, int start, int finish) {
    chtype* ch = this->chptr + start;
+   finish = CLAMP(finish, 0, this->chlen - 1);
    for (int i = start; i <= finish; i++) {
       *ch = (*ch & 0xff) | attrs;
       ch++;
-- 
cgit v1.2.3