From 4787242566faace0640281c9fde2751ebe6838b5 Mon Sep 17 00:00:00 2001
From: Christian Hergert <chergert@redhat.com>
Date: Wed, 26 Apr 2023 16:42:40 -0700
Subject: bufferoutputstream: be defensive about dereferencing nul byte

If we don't own the buffer, then we don't have a guarantee that the buffer
is one byte bigger than any count/length we've received. Mke sure to only
dereference that byte when we do.

Related #309
---
 gtksourceview/gtksourcebufferoutputstream.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/gtksourceview/gtksourcebufferoutputstream.c b/gtksourceview/gtksourcebufferoutputstream.c
index 77a2a113..26143d96 100644
--- a/gtksourceview/gtksourcebufferoutputstream.c
+++ b/gtksourceview/gtksourcebufferoutputstream.c
@@ -656,7 +656,8 @@ validate_and_insert (GtkSourceBufferOutputStream *stream,
 
 			apply_error_tag (stream);
 
-			if ((nvalid != len || !owned) && buffer[nvalid] != '\0')
+			if (!owned ||
+			    (nvalid != len && buffer[nvalid] != '\0'))
 			{
 				/* make sure the buffer is always properly null
 				 * terminated. This is needed, at least for now,
-- 
cgit v1.2.1