From e65caea2205dacdf3288c1348f772bda36a3e340 Mon Sep 17 00:00:00 2001
From: Tor Lillqvist <tml@iki.fi>
Date: Sat, 21 Aug 2004 13:43:51 +0000
Subject: [PATCH] Guard against bogus return value from strxfrm(). For instance
 Microsoft's

2004-08-21  Tor Lillqvist  <tml@iki.fi>

	* glib/gunicollate.c (g_utf8_collate_key): Guard against bogus
	return value from strxfrm(). For instance Microsoft's strxfrm()
	returns INT_MAX on errors. (#141124)
---
 ChangeLog          | 8 +++++++-
 ChangeLog.pre-2-10 | 8 +++++++-
 ChangeLog.pre-2-12 | 8 +++++++-
 ChangeLog.pre-2-6  | 8 +++++++-
 ChangeLog.pre-2-8  | 8 +++++++-
 glib/gunicollate.c | 8 ++++++++
 6 files changed, 43 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 5d82166..bd25605 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2004-08-21  Tor Lillqvist  <tml@iki.fi>
+
+	* glib/gunicollate.c (g_utf8_collate_key): Guard against bogus
+	return value from strxfrm(). For instance Microsoft's strxfrm()
+	returns INT_MAX on errors. (#141124)
+
 2004-08-19  Tor Lillqvist  <tml@iki.fi>
 
 	* glib/gunicollate.c (g_utf8_collate, g_utf8_collate_key): Correct
@@ -120,7 +126,7 @@ Sun Aug  1 13:19:18 2004  Manish Singh  <yosh@gimp.org>
 	to run_roundtrip_tests().
 
 2004-08-01 Matthias Clasen  <mclasen@redhat.com>
-                                                                                
+
 	* Post-release version bump
 
         * === Released 2.5.1 ===
diff --git a/ChangeLog.pre-2-10 b/ChangeLog.pre-2-10
index 5d82166..bd25605 100644
--- a/ChangeLog.pre-2-10
+++ b/ChangeLog.pre-2-10
@@ -1,3 +1,9 @@
+2004-08-21  Tor Lillqvist  <tml@iki.fi>
+
+	* glib/gunicollate.c (g_utf8_collate_key): Guard against bogus
+	return value from strxfrm(). For instance Microsoft's strxfrm()
+	returns INT_MAX on errors. (#141124)
+
 2004-08-19  Tor Lillqvist  <tml@iki.fi>
 
 	* glib/gunicollate.c (g_utf8_collate, g_utf8_collate_key): Correct
@@ -120,7 +126,7 @@ Sun Aug  1 13:19:18 2004  Manish Singh  <yosh@gimp.org>
 	to run_roundtrip_tests().
 
 2004-08-01 Matthias Clasen  <mclasen@redhat.com>
-                                                                                
+
 	* Post-release version bump
 
         * === Released 2.5.1 ===
diff --git a/ChangeLog.pre-2-12 b/ChangeLog.pre-2-12
index 5d82166..bd25605 100644
--- a/ChangeLog.pre-2-12
+++ b/ChangeLog.pre-2-12
@@ -1,3 +1,9 @@
+2004-08-21  Tor Lillqvist  <tml@iki.fi>
+
+	* glib/gunicollate.c (g_utf8_collate_key): Guard against bogus
+	return value from strxfrm(). For instance Microsoft's strxfrm()
+	returns INT_MAX on errors. (#141124)
+
 2004-08-19  Tor Lillqvist  <tml@iki.fi>
 
 	* glib/gunicollate.c (g_utf8_collate, g_utf8_collate_key): Correct
@@ -120,7 +126,7 @@ Sun Aug  1 13:19:18 2004  Manish Singh  <yosh@gimp.org>
 	to run_roundtrip_tests().
 
 2004-08-01 Matthias Clasen  <mclasen@redhat.com>
-                                                                                
+
 	* Post-release version bump
 
         * === Released 2.5.1 ===
diff --git a/ChangeLog.pre-2-6 b/ChangeLog.pre-2-6
index 5d82166..bd25605 100644
--- a/ChangeLog.pre-2-6
+++ b/ChangeLog.pre-2-6
@@ -1,3 +1,9 @@
+2004-08-21  Tor Lillqvist  <tml@iki.fi>
+
+	* glib/gunicollate.c (g_utf8_collate_key): Guard against bogus
+	return value from strxfrm(). For instance Microsoft's strxfrm()
+	returns INT_MAX on errors. (#141124)
+
 2004-08-19  Tor Lillqvist  <tml@iki.fi>
 
 	* glib/gunicollate.c (g_utf8_collate, g_utf8_collate_key): Correct
@@ -120,7 +126,7 @@ Sun Aug  1 13:19:18 2004  Manish Singh  <yosh@gimp.org>
 	to run_roundtrip_tests().
 
 2004-08-01 Matthias Clasen  <mclasen@redhat.com>
-                                                                                
+
 	* Post-release version bump
 
         * === Released 2.5.1 ===
diff --git a/ChangeLog.pre-2-8 b/ChangeLog.pre-2-8
index 5d82166..bd25605 100644
--- a/ChangeLog.pre-2-8
+++ b/ChangeLog.pre-2-8
@@ -1,3 +1,9 @@
+2004-08-21  Tor Lillqvist  <tml@iki.fi>
+
+	* glib/gunicollate.c (g_utf8_collate_key): Guard against bogus
+	return value from strxfrm(). For instance Microsoft's strxfrm()
+	returns INT_MAX on errors. (#141124)
+
 2004-08-19  Tor Lillqvist  <tml@iki.fi>
 
 	* glib/gunicollate.c (g_utf8_collate, g_utf8_collate_key): Correct
@@ -120,7 +126,7 @@ Sun Aug  1 13:19:18 2004  Manish Singh  <yosh@gimp.org>
 	to run_roundtrip_tests().
 
 2004-08-01 Matthias Clasen  <mclasen@redhat.com>
-                                                                                
+
 	* Post-release version bump
 
         * === Released 2.5.1 ===
diff --git a/glib/gunicollate.c b/glib/gunicollate.c
index 9ca3a58..ff7ad3d 100644
--- a/glib/gunicollate.c
+++ b/glib/gunicollate.c
@@ -231,6 +231,14 @@ g_utf8_collate_key (const gchar *str,
       if (str_locale)
 	{
 	  xfrm_len = strxfrm (NULL, str_locale, 0);
+	  if (xfrm_len < 0 || xfrm_len >= G_MAXINT - 2)
+	    {
+	      g_free (str_locale);
+	      str_locale = NULL;
+	    }
+	}
+      if (str_locale)
+	{
 	  result = g_malloc (xfrm_len + 2);
 	  result[0] = 'A';
 	  strxfrm (result + 1, str_locale, xfrm_len + 1);
-- 
2.7.4