From b16bd8260a484a7be8df0528225794a54c42767f Mon Sep 17 00:00:00 2001
From: P. J. McDermott <pj@pehjota.net>
Date: Sat, 07 Aug 2021 17:24:54 -0400
Subject: tk: Prevent buffer overrun in text constructor

---
(limited to 'src')

diff --git a/src/tk/text.c b/src/tk/text.c
index 027da71..7406b0b 100644
--- a/src/tk/text.c
+++ b/src/tk/text.c
@@ -303,7 +303,6 @@ mftk_text_new(char min_char, char max_char, int len, const char *val,
 	t->min_char  = min_char;
 	t->max_char  = max_char;
 	t->len       = len;
-	t->cur       = strlen(val);
 	t->font      = font;
 	t->line_skip = TTF_FontLineSkip(font);
 	t->ascent    = TTF_FontAscent  (font);
@@ -330,6 +329,11 @@ mftk_text_new(char min_char, char max_char, int len, const char *val,
 		free(w);
 		return NULL;
 	}
+
+	t->cur = strlen(val);
+	if (t->cur > t->len) {
+		t->cur = t->len;
+	}
 	memcpy(t->val, val, t->cur);
 
 	w->w = 0;
--
cgit v0.9.1