From 78ddaeb6d339d1c900cf76e3edff2ec3f0fd523a Mon Sep 17 00:00:00 2001
From: Po Lu
Date: Wed, 26 Jun 2024 12:08:55 +0800
Subject: [PATCH] Avert crash in store_mode_line_string on Android 5.0 and earlier
* src/xdisp.c (store_mode_line_string) [__ANDROID_API__ < 22]: Call strlen on STRING if the limit would otherwise be SIZE_MAX, or if the address of the string is within PRECISION bytes of UINTPTR_MAX, in which case it cannot possibly be larger than PRECISION.
(cherry picked from commit 8b1841021c0d1ca92cb79443909824519429f75f)
---
 src/xdisp.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/src/xdisp.c b/src/xdisp.c
index 8c7e8e5cb43..566c4b211d6 100644
--- a/src/xdisp.c
+++ b/src/xdisp.c
@@ -28065,7 +28065,18 @@ store_mode_line_string (const char *string, Lisp_Object lisp_string,
 if (string != NULL)
 {
- len = strnlen (string, precision <= 0 ? SIZE_MAX : precision);
+#if defined HAVE_ANDROID && !defined ANDROID_STUBIFY \
+ && __ANDROID_API__ < 22
+ /* Circumvent a bug in memchr preventing strnlen from returning
+ valid values when a large limit is specified.
+
+ https://issuetracker.google.com/issues/37020957 */
+ if (precision <= 0 || ((uintptr_t) string
+ > (UINTPTR_MAX - precision)))
+ len = strlen (string);
+ else
+#endif /* HAVE_ANDROID && !ANDROID_STUBIFY && __ANDROID_API__ < 22 */
+ len = strnlen (string, precision <= 0 ? SIZE_MAX : precision);
 lisp_string = make_string (string, len);
 if (NILP (props))
 props = mode_line_string_face_prop;
-- 
2.39.2
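Review bot: The wrap-around test `(uintptr_t) string > (UINTPTR_MAX - precision)` in the `__ANDROID_API__ < 22` branch is only sound because `precision <= 0` is evaluated first and short-circuits. `precision` appears to be signed (it is compared with `<= 0`), so a negative value reaching the subtraction would convert to a huge unsigned operand and invert the check. I would make the conversion explicit, `> UINTPTR_MAX - (uintptr_t) precision`, and add a comment such as `/* PRECISION > 0 here; STRING is NUL-terminated, so strlen returns less than PRECISION.  */` to record what the unbounded `strlen` call relies on. The `else` left open before `#endif` also binds to whatever statement comes next, so a line later inserted ahead of the `strnlen` call would change control flow on old Android builds only; keeping both arms inside the conditional block would avoid that. The body of `store_mode_line_string` starts and ends outside the hunk.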