Fix buffer overflow issue in autoperiod

author Jihoon Kim <jihoon48.kim@samsung.com>

Mon, 11 Jul 2016 04:22:52 +0000 (13:22 +0900)

committer Jihoon Kim <jihoon48.kim@samsung.com>

Fri, 22 Jul 2016 05:23:22 +0000 (14:23 +0900)
author Jihoon Kim <jihoon48.kim@samsung.com>
Mon, 11 Jul 2016 04:22:52 +0000 (13:22 +0900)
committer Jihoon Kim <jihoon48.kim@samsung.com>
Fri, 22 Jul 2016 05:23:22 +0000 (14:23 +0900)
diff --git a/ism/extras/efl_immodule/isf_imf_context.cpp b/ism/extras/efl_immodule/isf_imf_context.cpp

index adee47e..830cb25 100644 (file)
--- a/ism/extras/efl_immodule/isf_imf_context.cpp
+++ b/ism/extras/efl_immodule/isf_imf_context.cpp
@@ -660,6 +660,7 @@ autoperiod_insert (Ecore_IMF_Context *ctx)
      Eina_Unicode *ustr = NULL;
      Ecore_IMF_Event_Delete_Surrounding ev;
      char *fullstop_mark = NULL;
+    size_t ulen = 0;
  
      if (autoperiod_allow == EINA_FALSE)
          return;
@@ -680,7 +681,9 @@ autoperiod_insert (Ecore_IMF_Context *ctx)
      ustr = eina_unicode_utf8_to_unicode (plain_str, NULL);
      if (!ustr) goto done;
  
-    if (cursor_pos < 2) goto done;
+    ulen = eina_unicode_strlen (ustr);
+
+    if (cursor_pos < 2 || cursor_pos > (int)ulen) goto done;
  
      if (check_space_symbol (ustr[cursor_pos-1]) &&
          !(iswpunct (ustr[cursor_pos-2]) || check_space_symbol (ustr[cursor_pos-2]))) {
author	Jihoon Kim <jihoon48.kim@samsung.com>
	Mon, 11 Jul 2016 04:22:52 +0000 (13:22 +0900)
committer	Jihoon Kim <jihoon48.kim@samsung.com>
	Fri, 22 Jul 2016 05:23:22 +0000 (14:23 +0900)