From b829b762fd3ee3e925f739f318611b53cfff38e5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ole=20Andr=C3=A9=20Vadla=20Ravn=C3=A5s?= <oleavr@gmail.com>
Date: Wed, 25 Oct 2017 00:30:34 +0200
Subject: [PATCH] gutf8: Fix length handling in g_utf8_make_valid()

We cannot blindly append the remainder when a length was provided
because the string isn't nul-terminated.

https://bugzilla.gnome.org/show_bug.cgi?id=789444
---
 glib/gutf8.c           | 2 +-
 glib/tests/utf8-misc.c | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/glib/gutf8.c b/glib/gutf8.c
index e0d085001..ace4ee5a4 100644
--- a/glib/gutf8.c
+++ b/glib/gutf8.c
@@ -1803,7 +1803,7 @@ g_utf8_make_valid (const gchar *str,
   if (string == NULL)
     return g_strndup (str, len);
   
-  g_string_append (string, remainder);
+  g_string_append_len (string, remainder, remaining_bytes);
   g_string_append_c (string, '\0');
 
   g_assert (g_utf8_validate (string->str, -1, NULL));
diff --git a/glib/tests/utf8-misc.c b/glib/tests/utf8-misc.c
index a2d22df3f..7a8c37448 100644
--- a/glib/tests/utf8-misc.c
+++ b/glib/tests/utf8-misc.c
@@ -145,6 +145,11 @@ test_utf8_make_valid (void)
   g_assert_cmpstr (r, ==, "\xe2\x82\xa0gh\xef\xbf\xbd\xef\xbf\xbdjl");
   g_free (r);
 
+  /* invalid UTF8 without nul terminator followed by something unfortunate */
+  r = g_utf8_make_valid ("Bj\xc3\xb8", 3);
+  g_assert_cmpstr (r, ==, "Bj\xef\xbf\xbd");
+  g_free (r);
+
   /* invalid UTF8 with embedded nul */
   r = g_utf8_make_valid ("\xe2\x82\xa0gh\xe2\x00jl", 9);
   g_assert_cmpstr (r, ==, "\xe2\x82\xa0gh\xef\xbf\xbd\xef\xbf\xbdjl");