From 75950565d2a6e4d098849df60997ebfbf221e2a2 Mon Sep 17 00:00:00 2001 From: Weng Xuetian Date: Thu, 14 Jan 2021 20:37:05 -0800 Subject: Fix the length checking Closes #526 (cherry-picked from commit 0a816b49) --- pango/pango-context.c | 2 +- tests/testmisc.c | 14 ++++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/pango/pango-context.c b/pango/pango-context.c index 1fcdf366..a3d7e6c4 100644 --- a/pango/pango-context.c +++ b/pango/pango-context.c @@ -1572,7 +1572,7 @@ pango_itemize_with_base_dir (PangoContext *context, g_return_val_if_fail (length >= 0, NULL); g_return_val_if_fail (length == 0 || text != NULL, NULL); - if (length == 0 || g_utf8_strlen (text, length) == 0) + if (length == 0 || g_utf8_strlen (text + start_index, length) == 0) return NULL; itemize_state_init (&state, context, text, base_dir, start_index, length, diff --git a/tests/testmisc.c b/tests/testmisc.c index 2f6c148b..48f60ee9 100644 --- a/tests/testmisc.c +++ b/tests/testmisc.c @@ -54,6 +54,19 @@ test_itemize_empty_crash (void) g_object_unref (context); } +static void +test_itemize_utf8 (void) +{ + PangoContext *context; + GList *result = NULL; + + context = pango_font_map_create_context (pango_cairo_font_map_get_default ()); + result = pango_itemize_with_base_dir (context, PANGO_DIRECTION_LTR, "\xc3\xa1\na", 3, 1, NULL, NULL); + g_assert (result != NULL); + + g_object_unref (context); +} + /* Test that pango_layout_set_text (layout, "short", 200) * does not lead to a crash. (pidgin does this) */ @@ -94,6 +107,7 @@ main (int argc, char *argv[]) g_test_add_func ("/layout/shape-tab-crash", test_shape_tab_crash); g_test_add_func ("/layout/itemize-empty-crash", test_itemize_empty_crash); + g_test_add_func ("/layout/itemize-utf8", test_itemize_utf8); g_test_add_func ("/layout/short-string-crash", test_short_string_crash); g_test_add_func ("/language/emoji-crash", test_language_emoji_crash); -- cgit v1.2.1