tsm: screen: fix out-of-bounds access when drawing sb

When drawing scroll-back buffer, we cannot guarantee that the lines are as
long as the current screen. Therefore, check that we aren't accessing out
of bounds and draw empty glyphs instead.

Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>

diff --git a/src/tsm_screen.c b/src/tsm_screen.c
index 9f900c9..260cd89 100644 (file)
--- a/src/tsm_screen.c
+++ b/src/tsm_screen.c
@@ -1306,10 +1306,13 @@ void tsm_screen_draw(struct tsm_screen *con,
        uint64_t time_prep = 0, time_draw = 0, time_rend = 0;
        const uint32_t *ch;
        size_t len;
+       struct cell empty;
 
        if (!con || !draw_cb)
                return;
 
+       cell_init(con, &empty);
+
        cur_x = con->cursor_x;
        if (con->cursor_x >= con->size_x)
                cur_x = con->size_x - 1;
@@ -1353,7 +1356,10 @@ void tsm_screen_draw(struct tsm_screen *con,
                }
 
                for (j = 0; j < con->size_x; ++j) {
-                       cell = &line->cells[j];
+                       if (j < line->size)
+                               cell = &line->cells[j];
+                       else
+                               cell = &empty;
                        memcpy(&attr, &cell->attr, sizeof(attr));
 
                        if (k == cur_y + 1 &&