From 700d6ad071614895c3cb305b894b8c1a003db39e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20H=C3=B8gsberg?=
Date: Thu, 9 Jan 2014 23:45:18 -0800
Subject: [PATCH] keyboard: Don't strcat() into a strdup()ed string

We need to reallocate the memory to hold the entire concatenated string, but strcat() doesn't do that.

Closes: https://bugs.freedesktop.org/show_bug.cgi?id=71750
---
 clients/keyboard.c | 24 ++++++++++++++++++++----
 clients/window.c | 6 ++++++
 clients/window.h | 2 ++
 3 files changed, 28 insertions(+), 4 deletions(-)

diff --git a/clients/keyboard.c b/clients/keyboard.c
index 963382c1..b9778a7b 100644
--- a/clients/keyboard.c
+++ b/clients/keyboard.c
@@ -490,6 +490,21 @@ delete_before_cursor(struct virtual_keyboard *keyboard)
 memmove(keyboard->surrounding_text + keyboard->surrounding_cursor, end, strlen(end));
 }
 
+static char *
+append(char *s1, const char *s2)
+{
+ int len1, len2;
+ char *s;
+
+ len1 = strlen(s1);
+ len2 = strlen(s2);
+ s = xrealloc(s1, len1 + len2 + 1);
+ memcpy(s + len1, s2, len2);
+ s[len1 + len2] = '\0';
+
+ return s;
+}
+
 static void
 keyboard_handle_key(struct keyboard *keyboard, uint32_t time, const struct key *key, struct input *input, enum wl_pointer_button_state state)
 {
@@ -502,8 +517,9 @@ keyboard_handle_key(struct keyboard *keyboard, uint32_t time, const struct key *
 if (state != WL_POINTER_BUTTON_STATE_PRESSED)
 break;
 
- keyboard->keyboard->preedit_string = strcat(keyboard->keyboard->preedit_string,
- label);
+ keyboard->keyboard->preedit_string =
+ append(keyboard->keyboard->preedit_string,
+ label);
 virtual_keyboard_send_preedit(keyboard->keyboard, -1);
 break;
 case keytype_backspace:
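Review bot: In the new `append()` helper (hunk at -490 of clients/keyboard.c) the lengths are declared `int len1, len2;` although `strlen()` returns `size_t`, so the size `len1 + len2 + 1` handed to `xrealloc()` and the `memcpy()` length are computed in signed int and only then converted; `size_t len1, len2;` keeps the allocation size and the copy length in the same unsigned type. The helper also calls `strlen(s1)` unconditionally, so it depends on `preedit_string` being a non-NULL heap string at both call sites in `keyboard_handle_key()` (hunks at -502 and -527), which this patch does not show. A short comment above it would record that contract, for example `/* s1 must be a malloc'ed NUL-terminated string; it is consumed and the returned pointer replaces it */`.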
@@ -527,8 +543,8 @@ keyboard_handle_key(struct keyboard *keyboard, uint32_t time, const struct key *
 case keytype_space:
 if (state != WL_POINTER_BUTTON_STATE_PRESSED)
 break;
- keyboard->keyboard->preedit_string = strcat(keyboard->keyboard->preedit_string,
- " ");
+ keyboard->keyboard->preedit_string =
+ append(keyboard->keyboard->preedit_string, " ");
 virtual_keyboard_commit_preedit(keyboard->keyboard);
 break;
 case keytype_switch:
diff --git a/clients/window.c b/clients/window.c
index cc4fe4ee..19519b3c 100644
--- a/clients/window.c
+++ b/clients/window.c
@@ -5575,3 +5575,9 @@ xstrdup(const char *s)
 {
 return fail_on_null(strdup(s));
 }
+
+void *
+xrealloc(char *p, size_t s)
+{
+ return fail_on_null(realloc(p, s));
+}
diff --git a/clients/window.h b/clients/window.h
index 8bf9adc1..dec133fc 100644
--- a/clients/window.h
+++ b/clients/window.h
@@ -61,6 +61,8 @@ void *
 xzalloc(size_t s);
 char *
 xstrdup(const char *s);
+void *
+xrealloc(char *p, size_t s);
 
 struct display *
 display_create(int *argc, char *argv[]);
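Review bot: The new `xrealloc()` in clients/window.c, and its prototype in the clients/window.h hunk, takes `char *p` where `realloc()` itself takes `void *`, so any later caller resizing a non-char buffer needs a cast; `xrealloc(void *p, size_t s)` would match the wrapped function. Separately, `realloc(p, 0)` may return NULL on some implementations without being out of memory, so if `fail_on_null()` treats every NULL as fatal (its body is outside this patch) a zero-size request would be reported as an allocation failure. The only caller added here always passes at least 1, so a one-line comment such as `/* s must be non-zero; exits on allocation failure */` would be enough to document the wrapper.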