when len < start, hwrite() may pass too large values to mbrtowc() since len - i wraps around. this caused a crash on musl libc with a long (384 bytes) line containing utf-8 multibyte characters, and a 110 character wide terminal (hwrite was called with start=110 len=109). probably varies on libc implementation, but musl mbrtowc() was returning a very large value when called like this.
the intention seems to be to pass the rest of the bytes-to-be-printed after i to mbrtowc, so start needs to be added to the calculation.
ingwarsw
commented
2 years ago
when len < start, hwrite() may pass too large values to mbrtowc() since
len - iwraps around. this caused a crash on musl libc with a long (384 bytes) line containing utf-8 multibyte characters, and a 110 character wide terminal (hwrite was called with start=110 len=109). probably varies on libc implementation, but musl mbrtowc() was returning a very large value when called like this.the intention seems to be to pass the rest of the bytes-to-be-printed after
ito mbrtowc, sostartneeds to be added to the calculation.