From d9a6517d5f9371648c625e75b3deb413f960c2f3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timm=20B=C3=A4der?=
Date: Wed, 8 Jun 2016 07:31:45 +0200
Subject: [PATCH] wayland: Make sure window titles fit into a wl_buffer

A wl_buffer has a max size of 4096 bytes, of which 8 are needed for the header and another 4 for the string argument length (in this case), so make sure the we only save the first 4083 bytes that are still valid UTF8.
https://bugzilla.gnome.org/show_bug.cgi?id=767241
---
 gdk/wayland/gdkwindow-wayland.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/gdk/wayland/gdkwindow-wayland.c b/gdk/wayland/gdkwindow-wayland.c
index f98ff5959e..d548458c9b 100644
--- a/gdk/wayland/gdkwindow-wayland.c
+++ b/gdk/wayland/gdkwindow-wayland.c
@@ -61,6 +61,8 @@ static guint signals[LAST_SIGNAL];
 GDK_WINDOW_TYPE (window) != GDK_WINDOW_FOREIGN && \
 GDK_WINDOW_TYPE (window) != GDK_WINDOW_OFFSCREEN)
+#define MAX_WL_BUFFER_SIZE (4083) /* 4096 minus header, string argument length and NUL byte */
+
 typedef struct _GdkWaylandWindow GdkWaylandWindow;
 typedef struct _GdkWaylandWindowClass GdkWaylandWindowClass;
@@ -2267,6 +2269,7 @@ gdk_wayland_window_set_title (GdkWindow *window,
 const gchar *title)
 {
 GdkWindowImplWayland *impl;
+ const char *end;
 g_return_if_fail (title != NULL);
 if (GDK_WINDOW_DESTROYED (window))
@@ -2275,7 +2278,11 @@ gdk_wayland_window_set_title (GdkWindow *window,
 impl = GDK_WINDOW_IMPL_WAYLAND (window->impl);
 g_free (impl->title);
- impl->title = g_strdup (title);
+
+ g_utf8_validate (title, MAX_WL_BUFFER_SIZE, &end);
+ impl->title = g_malloc (end - title + 1);
+ memcpy (impl->title, title, end - title);
+ impl->title[end - title] = '\0';
 gdk_wayland_window_sync_title (window);
 }
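Review bot: `MAX_WL_BUFFER_SIZE` in the first hunk is named for the buffer, but its value (4083) is the largest title payload in bytes, so the name reads as the wrong quantity where it is passed to `g_utf8_validate`. Writing the derivation as the value keeps the arithmetic checkable if the header or length-field sizes are ever revisited, for example `#define MAX_WL_BUFFER_SIZE (4096 - 8 - 4 - 1) /* message limit minus header, string length field and NUL byte */`. A name that says "title bytes" rather than "buffer size" would also avoid confusion with the `wl_buffer` protocol object.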
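Review bot: The return value of `g_utf8_validate` is discarded in the lines added to `gdk_wayland_window_set_title`, so a title containing an invalid byte is cut at that byte with no diagnostic, through the same path that enforces the length cap; a title whose first byte is invalid is stored as the empty string. If that is the intended behaviour, a comment above the call should say so, e.g. `/* Keep at most MAX_WL_BUFFER_SIZE bytes, stopping early at the first invalid UTF-8 sequence */`. The allocate/copy/terminate sequence can be replaced by `impl->title = g_strndup (title, end - title);`, which removes the hand-written length arithmetic. The function's signature and opening statements lie outside this hunk.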