out-of-bounds access on clicking at end of text field

https://bugzilla.redhat.com/show_bug.cgi?id=1608371 https://bugs.launchpad.net/inkscape/+bug/1803553 Reproduce using: 1. Select text tool (F8) 2. Click on empty canvas 3. Type "abc" 4. Click somewhere else 5. Click in first text field after "c" in "abc"
author: Trevor Spiteri <trevor.spiteri@um.edu.mt> 2019-01-15 17:57:56 +0000
committer: Trevor Spiteri <trevor.spiteri@um.edu.mt> 2019-01-15 17:57:56 +0000
commit: 6b8b86ca248cc47128ee3646d7ce17d2c0720522 (patch)
tree: f4978833a7197010b73c6764d933b1128e93f555 /src/libnrtype
parent: out-of-bounds access on Enter in new text field (diff)
download: inkscape-6b8b86ca248cc47128ee3646d7ce17d2c0720522.tar.gz
inkscape-6b8b86ca248cc47128ee3646d7ce17d2c0720522.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/src/libnrtype/Layout-TNG-OutIter.cpp b/src/libnrtype/Layout-TNG-OutIter.cpp
index 74b9494a6..3dc5c3e4f 100644
--- a/src/libnrtype/Layout-TNG-OutIter.cpp
+++ b/src/libnrtype/Layout-TNG-OutIter.cpp
@@ -47,7 +47,10 @@ Layout::iterator Layout::_cursorXOnLineToIterator(unsigned line_index, double lo
             best_x_difference = this_x_difference;
         }
     }
-    if (best_char_index == -1) return iterator(this, char_index);
+    if (best_char_index == -1)
+        best_char_index = char_index;
+    if (best_char_index == _characters.size())
+        return end();
     return iterator(this, best_char_index);
 }
author	Trevor Spiteri <trevor.spiteri@um.edu.mt>	2019-01-15 17:57:56 +0000
committer	Trevor Spiteri <trevor.spiteri@um.edu.mt>	2019-01-15 17:57:56 +0000
commit	6b8b86ca248cc47128ee3646d7ce17d2c0720522 (patch)
tree	f4978833a7197010b73c6764d933b1128e93f555 /src/libnrtype
parent	out-of-bounds access on Enter in new text field (diff)
download	inkscape-6b8b86ca248cc47128ee3646d7ce17d2c0720522.tar.gz inkscape-6b8b86ca248cc47128ee3646d7ce17d2c0720522.zip