a11y: Avoid a crash

It is not safe to access text[end], if text may not be NUL-terminated. Fixes: #6146
2024-12-26 21:51:08 +00:00 · 2023-10-10 18:54:27 -04:00 · 2023-10-10 18:54:27 -04:00 · 15c43e5284
commit 15c43e5284
parent fc4c0f769c
1 changed files with 3 additions and 11 deletions
--- a/gtk/a11y/gtkatspicontext.c
+++ b/gtk/a11y/gtkatspicontext.c
@ -705,27 +705,19 @@ emit_text_changed (GtkAtSpiContext *self,
                   int              end,
                   const char      *text)
 {
-  char *copy = NULL;
-
  if (self->connection == NULL)
    return;

-  /* Protect against possible non-UTF8 garbage after the end
-   * that g_variant_new_string() will complain about.
-   */
-  if (text[end] != '\0')
-    text = copy = g_strndup (text, end);
-
  g_dbus_connection_emit_signal (self->connection,
                                 NULL,
                                 self->context_path,
                                 "org.a11y.atspi.Event.Object",
                                 "TextChanged",
                                 g_variant_new ("(siiva{sv})",
-                                                kind, start, end, g_variant_new_string (text), NULL),
+                                                kind, start, end,
+                                                g_variant_new_take_string (g_strndup (text, end)),
+                                                NULL),
                                 NULL);
-
-  g_free (copy);
 }

 static void