From 858af2505fe80e4175121ada95714443ea63e4de Mon Sep 17 00:00:00 2001
From: Hisham Muhammad <hisham@gobolinux.org>
Date: Mon, 26 Feb 2018 11:05:12 -0300
Subject: [PATCH] Protect against overflows in RichString_setAttrn

---
 RichString.c | 6 ++++++
 RichString.h | 4 ++++
 2 files changed, 10 insertions(+)

diff --git a/RichString.c b/RichString.c
index e7dd4e83..370566a8 100644
--- a/RichString.c
+++ b/RichString.c
@@ -63,6 +63,10 @@ typedef struct RichString_ {
 
 }*/
 
+#ifndef CLAMP
+#define CLAMP(x,low,high) (((x)>(high))?(high):(((x)<(low))?(low):(x)))
+#endif
+
 #define charBytes(n) (sizeof(CharType) * (n)) 
 
 static void RichString_extendLen(RichString* this, int len) {
@@ -103,6 +107,7 @@ static inline void RichString_writeFrom(RichString* this, int attrs, const char*
 
 inline void RichString_setAttrn(RichString* this, int attrs, int start, int finish) {
    cchar_t* ch = this->chptr + start;
+   finish = CLAMP(finish, 0, this->chlen - 1);
    for (int i = start; i <= finish; i++) {
       ch->attr = attrs;
       ch++;
@@ -132,6 +137,7 @@ static inline void RichString_writeFrom(RichString* this, int attrs, const char*
 
 void RichString_setAttrn(RichString* this, int attrs, int start, int finish) {
    chtype* ch = this->chptr + start;
+   finish = CLAMP(finish, 0, this->chlen - 1);
    for (int i = start; i <= finish; i++) {
       *ch = (*ch & 0xff) | attrs;
       ch++;
diff --git a/RichString.h b/RichString.h
index 796965ac..f5b5cba1 100644
--- a/RichString.h
+++ b/RichString.h
@@ -59,6 +59,10 @@ typedef struct RichString_ {
 } RichString;
 
 
+#ifndef CLAMP
+#define CLAMP(x,low,high) (((x)>(high))?(high):(((x)<(low))?(low):(x)))
+#endif
+
 #define charBytes(n) (sizeof(CharType) * (n)) 
 
 #define RichString_setLen(this, len) do{ if(len < RICHSTRING_MAXLEN && this->chlen < RICHSTRING_MAXLEN) { RichString_setChar(this,len,0); this->chlen=len; } else RichString_extendLen(this,len); }while(0)