From 9a41526bfb03bcd48fdf4deaf41b032fcbae5447 Mon Sep 17 00:00:00 2001
From: veltza <106755522+veltza@users.noreply.github.com>
Date: Mon, 11 Mar 2024 23:54:16 +0200
Subject: [PATCH] Fix buffer overflow in xdrawglyph() (#119)

The buffer overflow occurs when the ligatures patch is enabled and xmakeglyphfontspecs() returns more than one XftGlyphFontSpec. Ref. https://github.com/cog1to/st-ligatures/issues/35
---
 x.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/x.c b/x.c
index 83ed0bb..2c43e81 100644
--- a/x.c
+++ b/x.c
@@ -2553,10 +2553,10 @@ void
 xdrawglyph(Glyph g, int x, int y)
 {
 int numspecs;
- XftGlyphFontSpec spec;
+ XftGlyphFontSpec *specs = xw.specbuf;
 
- numspecs = xmakeglyphfontspecs(&spec, &g, 1, x, y);
- xdrawglyphfontspecs(&spec, g, numspecs, x, y
+ numspecs = xmakeglyphfontspecs(specs, &g, 1, x, y);
+ xdrawglyphfontspecs(specs, g, numspecs, x, y
 #if WIDE_GLYPHS_PATCH
 ,DRAW_BG | DRAW_FG
 #endif // WIDE_GLYPHS_PATCH
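Review bot: Nothing in xdrawglyph() ties the number of specs that `xmakeglyphfontspecs(specs, &g, 1, x, y)` may write to the capacity of `xw.specbuf`, so the fix holds only while that buffer's allocation (not visible in this hunk) leaves room for everything one glyph can expand to with ligatures enabled. I would record that contract at the declaration, e.g. `XftGlyphFontSpec *specs = xw.specbuf; /* shared scratch buffer: must hold every spec emitted for a single glyph */`, and, if the allocated element count is tracked anywhere, add a debug assertion that `numspecs` does not exceed it. Because `xw.specbuf` looks like a shared scratch buffer rather than a local, it is also worth confirming that no caller still holds specs in it when xdrawglyph() runs, since this call overwrites the start of the buffer. The function body continues past the end of the hunk.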