Fix crash due to wide characters
authorRian Hunter <rian+suckless-dev@thelig.ht>
Thu, 29 Jan 2015 23:06:43 +0000 (15:06 -0800)
committerRoberto E. Vargas Caballero <k0ga@shike2.com>
Thu, 5 Feb 2015 19:28:00 +0000 (20:28 +0100)
In tputc(), when a character wasn't large enough to fit
on the current line, we would call tnewline() to place it on
the next line. Unfortunately, we weren't resetting our glyph
pointer and this caused memory corruption when a
wide character (width == 2) was being written. This patch
resets our glyph pointer after calls to tnewline().

st.c

diff --git a/st.c b/st.c
index db9a332..6a68c3c 100644 (file)
--- a/st.c
+++ b/st.c
@@ -2673,13 +2673,16 @@ tputc(char *c, int len) {
        if(IS_SET(MODE_WRAP) && (term.c.state & CURSOR_WRAPNEXT)) {
                gp->mode |= ATTR_WRAP;
                tnewline(1);
+               gp = &term.line[term.c.y][term.c.x];
        }
 
        if(IS_SET(MODE_INSERT) && term.c.x+1 < term.col)
                memmove(gp+1, gp, (term.col - term.c.x - 1) * sizeof(Glyph));
 
-       if(term.c.x+width > term.col)
+       if(term.c.x+width > term.col) {
                tnewline(1);
+               gp = &term.line[term.c.y][term.c.x];
+       }
 
        tsetchar(c, &term.c.attr, term.c.x, term.c.y);