Applied-Software/ghostty
5
0
Fork 0
mirror of https://github.com/ghostty-org/ghostty.git synced 2025-07-16 16:56:09 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2325 from ghostty-org/oob

Browse Source 
Fix OOB write on curly underline, add bounds checking in runtime safety modes
This commit is contained in:
Mitchell Hashimoto
2024-09-29 09:45:07 -07:00
committed by GitHub
parent e47e7a8b8b bbacee66d0
commit b9545ec2f9
2 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/font/sprite/canvas.zig
View File

@ -409,6 +409,11 @@ const PixmanImpl = struct {
/// Draw and fill a single pixel /// Draw and fill a single pixel
pub fn pixel(self: *Canvas, x: u32, y: u32, color: Color) void { pub fn pixel(self: *Canvas, x: u32, y: u32, color: Color) void {
if (comptime std.debug.runtime_safety) {
assert(x < self.image.getWidth());
assert(y < self.image.getHeight());
}
const boxes = &[_]pixman.Box32{ const boxes = &[_]pixman.Box32{
.{ .{
.x1 = @intCast(x), .x1 = @intCast(x),
@ -433,10 +438,13 @@ const PixmanImpl = struct {
}, },
}; };
assert(boxes[0].x1 >= 0); if (comptime std.debug.runtime_safety) {
assert(boxes[0].y1 >= 0); assert(boxes[0].x1 >= 0);
assert(boxes[0].x2 <= @as(i32, @intCast(self.image.getWidth()))); assert(boxes[0].y1 >= 0);
assert(boxes[0].y2 <= @as(i32, @intCast(self.image.getHeight()))); assert(boxes[0].x2 <= @as(i32, @intCast(self.image.getWidth())));
assert(boxes[0].y2 <= @as(i32, @intCast(self.image.getHeight())));
}
self.image.fillBoxes(.src, color.pixmanColor(), boxes) catch {}; self.image.fillBoxes(.src, color.pixmanColor(), boxes) catch {};
} }

8
src/font/sprite/underline.zig
View File

@ -27,7 +27,7 @@ pub fn renderGlyph(
line_pos: u32, line_pos: u32,
line_thickness: u32, line_thickness: u32,
) !font.Glyph { ) !font.Glyph {
// Draw the appropriate sprite // Draw the appropriate sprite
var canvas: font.sprite.Canvas, const offset_y: i32 = switch (sprite) { var canvas: font.sprite.Canvas, const offset_y: i32 = switch (sprite) {
.underline => try drawSingle(alloc, width, line_thickness), .underline => try drawSingle(alloc, width, line_thickness),
.underline_double => try drawDouble(alloc, width, line_thickness), .underline_double => try drawDouble(alloc, width, line_thickness),
@ -181,13 +181,13 @@ fn drawCurly(alloc: Allocator, width: u32, thickness: u32) !CanvasAndOffset {
const alpha: u8 = @intFromFloat(255 * @abs(y - @floor(y))); const alpha: u8 = @intFromFloat(255 * @abs(y - @floor(y)));
// upper and lower bounds // upper and lower bounds
canvas.pixel(x, @min(y_upper, height), @enumFromInt(255 - alpha)); canvas.pixel(x, @min(y_upper, height - 1), @enumFromInt(255 - alpha));
canvas.pixel(x, @min(y_lower, height), @enumFromInt(alpha)); canvas.pixel(x, @min(y_lower, height - 1), @enumFromInt(alpha));
// fill between upper and lower bound // fill between upper and lower bound
var y_fill: u32 = y_upper + 1; var y_fill: u32 = y_upper + 1;
while (y_fill < y_lower) : (y_fill += 1) { while (y_fill < y_lower) : (y_fill += 1) {
canvas.pixel(x, @min(y_fill, height), .on); canvas.pixel(x, @min(y_fill, height - 1), .on);
} }
} }