From: Pip Cet <pipcet@protonmail.com>
Date: Mon, 27 Jan 2025 21:06:27 +0000 (-0800)
Subject: Avoid printing NUL characters in 'message' (bug#75900)
X-Git-Url: http://git.eshelyaron.com/gitweb/?a=commitdiff_plain;h=8018eb46ff5c3aa3efe237c795e0a892d418ba01;p=emacs.git

Avoid printing NUL characters in 'message' (bug#75900)

* src/xdisp.c (vmessage): Increase buffer size to fit an extra
multibyte character.  On buffer overflow, drop the last multibyte
character to determine an accurate byte length.

(cherry picked from commit 8812f526cfb145e00ee4cb74eac05b25953da02c)
---

diff --git a/src/xdisp.c b/src/xdisp.c
index c6774452d66..fac1d53ff12 100644
--- a/src/xdisp.c
+++ b/src/xdisp.c
@@ -12587,10 +12587,19 @@ vmessage (const char *m, va_list ap)
 	      ptrdiff_t len;
 	      ptrdiff_t maxsize = FRAME_MESSAGE_BUF_SIZE (f);
 	      USE_SAFE_ALLOCA;
-	      char *message_buf = SAFE_ALLOCA (maxsize + 1);
-
-	      len = doprnt (message_buf, maxsize, m, 0, ap);
+	      char *message_buf = SAFE_ALLOCA (maxsize + MAX_MULTIBYTE_LENGTH);
 
+	      len = doprnt (message_buf, maxsize + MAX_MULTIBYTE_LENGTH, m, 0, ap);
+	      /* doprnt returns the buffer size minus one when it
+		 truncated a multibyte sequence.  Work around that by
+		 truncating to the last valid multibyte head.  */
+	      if (len >= maxsize)
+		{
+		  len = maxsize - 1;
+		  while (!CHAR_HEAD_P (message_buf[len]))
+		    len--;
+		  message_buf[len] = 0;
+		}
 	      message3 (make_string (message_buf, len));
 	      SAFE_FREE ();
 	    }