From 3fe2f482bd2c636934cfd8e8aa0a07631164831d Mon Sep 17 00:00:00 2001
From: Eli Zaretskii <eliz@gnu.org>
Date: Fri, 28 May 2021 10:25:26 +0300
Subject: [PATCH] Attempt to fix segfaults caused by changes in
 'lisp_string_width'

* src/character.c (lisp_string_width): Validate the value of TO
argument before passing it to 'composition_gstring_width'.
(Bug#48711)
---
 src/character.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/character.c b/src/character.c
index 60424fab71e..e44ab8d43b1 100644
--- a/src/character.c
+++ b/src/character.c
@@ -376,9 +376,13 @@ lisp_string_width (Lisp_Object string, ptrdiff_t from, ptrdiff_t to,
 	       && find_automatic_composition (i, -1, &ignore, &end, &val, string)
 	       && end > i)
 	{
-	  int pixelwidth = composition_gstring_width (val, 0,
-						      LGSTRING_GLYPH_LEN (val),
-						      NULL);
+	  int j;
+	  for (j = 0; j < LGSTRING_GLYPH_LEN (val); j++)
+	    if (NILP (LGSTRING_GLYPH (val, j)))
+	      break;
+
+	  int pixelwidth = composition_gstring_width (val, 0, j, NULL);
+
 	  /* The below is somewhat expensive, so compute it only once
 	     for the entire loop, and only if needed.  */
 	  if (font_width < 0)
-- 
2.39.5