evas: textgrid - fix crash in terminology with rare characters.

So I have a weird crash in terminology.
Reproduction path:
eet -x /path/to/elm/theme/default.edj edje/images/537

Scroll back in the terminal buffer, to show the entire file: CRASH.

Reviewers: cedric, tasn

CC: cedric, raster

Differential Revision: https://phab.enlightenment.org/D468

Signed-off-by: Cedric BAIL <cedric.bail@samsung.com>
Jean-Philippe Andre 2014-01-24 09:44:40 +09:00 committed by Cedric BAIL
parent 5593964ead
commit 345c1ad26d
1 changed files with 10 additions and 5 deletions


@ -297,14 +297,18 @@ evas_object_textgrid_textprop_ref(Evas_Object *eo_obj, Evas_Object_Textgrid *o,
}
offset--;
}
if (o->master[offset].next[(codepoint & mask) >> shift] == 0)
if ((o->master[offset].next[(codepoint & mask) >> shift] == 0)
|| ((o->master[offset].next[(codepoint & mask) >> shift] & 0xFFFFFF) >= o->glyphs_length))
{
Evas_Textgrid_Hash_Glyphs *tmp;
unsigned char *tmp_used;
int count;
int count, i;
/* FIXME: find empty entry */
count = o->glyphs_length + 1;
if (o->master[offset].next[(codepoint & mask) >> shift] == 0)
count = o->glyphs_length + 1;
else
count = (o->master[offset].next[(codepoint & mask) >> shift] & 0xFFFFFF) + 1;
tmp = realloc(o->glyphs, count * sizeof (Evas_Textgrid_Hash_Glyphs));
if (!tmp) return 0xFFFFFFFF;
o->glyphs = tmp;
@ -312,10 +316,11 @@ evas_object_textgrid_textprop_ref(Evas_Object *eo_obj, Evas_Object_Textgrid *o,
if (!tmp_used) return 0xFFFFFFFF;
o->glyphs_used = tmp_used;
// FIXME: What should we write when allocating more than one new entry?
o->master[offset].next[(codepoint & mask) >> shift] = o->glyphs_length + 0xFF000000;
memset(o->glyphs + o->glyphs_length, 0, sizeof (Evas_Textgrid_Hash_Glyphs));
o->glyphs_used[o->glyphs_length] = 0;
memset(o->glyphs + o->glyphs_length, 0, (count - o->glyphs_length) * sizeof (Evas_Textgrid_Hash_Glyphs));
memset(o->glyphs_used, 0, (count - o->glyphs_length) * sizeof(o->glyphs_used[0]));
o->glyphs_length = count;
}
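Review bot: The new `memset(o->glyphs_used, 0, (count - o->glyphs_length) * sizeof(o->glyphs_used[0]));` in the second hunk starts at the beginning of `glyphs_used` instead of at the newly grown tail. It therefore zeroes the first `count - o->glyphs_length` existing entries and leaves the new ones uninitialised. It should mirror the `o->glyphs` line above it: `memset(o->glyphs_used + o->glyphs_length, 0, (count - o->glyphs_length) * sizeof(o->glyphs_used[0]));`. Separately, the first hunk grows both arrays to whatever 24-bit index is found in `o->master[offset].next[...]`, and the codepoints driving this come from terminal output. The in-code FIXME about multi-entry growth would be better resolved by treating an out-of-range stored index as a stale entry and allocating a single new slot, rather than sizing the allocation from it. The added `i` in `int count, i;` is not used in the visible lines, and the function body starts and ends outside these hunks.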