From d385952fef6695bd8b5a1e3c5e7bce0643f2e388 Mon Sep 17 00:00:00 2001
From: Kovid Goyal <kovid@kovidgoyal.net>
Date: Sat, 13 Jan 2018 08:32:38 +0530
Subject: [PATCH] Add a bounds check

---
 kitty/data-types.h | 1 +
 kitty/fonts.c      | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/kitty/data-types.h b/kitty/data-types.h
index 9f9392f6c..680cf2801 100644
--- a/kitty/data-types.h
+++ b/kitty/data-types.h
@@ -25,6 +25,7 @@
 #define MIN(x, y) (((x) > (y)) ? (y) : (x))
 #define xstr(s) str(s)
 #define str(s) #s
+#define arraysz(x) (sizeof(x)/sizeof(x[0]))
 #define fatal(...) { fprintf(stderr, __VA_ARGS__); fprintf(stderr, "\n"); exit(EXIT_FAILURE); }
 
 typedef unsigned long long id_type;
diff --git a/kitty/fonts.c b/kitty/fonts.c
index bd6934974..5d0dacc7a 100644
--- a/kitty/fonts.c
+++ b/kitty/fonts.c
@@ -751,7 +751,7 @@ render_groups(Font *font) {
         if (!group->num_cells) break;
         /* printf("1111111 idx: %u num_cells: %u num_glyphs: %u first_glyph_idx: %u first_cell_idx: %u\n", idx, group->num_cells, group->num_glyphs, group->first_glyph_idx, group->first_cell_idx); */
         glyph_index primary = group->num_glyphs ? G(info)[group->first_glyph_idx].codepoint : 0;
-        for (unsigned i = 1; i < group->num_glyphs; i++) ed.data[i-1] = G(info)[group->first_glyph_idx + i].codepoint;
+        for (unsigned i = 1; i < MIN(arraysz(ed.data) + 1, group->num_glyphs); i++) ed.data[i-1] = G(info)[group->first_glyph_idx + i].codepoint;
         render_group(group->num_cells, group->num_glyphs, G(first_cell) + group->first_cell_idx, G(info) + group->first_glyph_idx, G(positions) + group->first_glyph_idx, font, primary, &ed);
         idx++;
     }