From dad7d366b37ef474f3a624e33224b45b482605aa Mon Sep 17 00:00:00 2001
From: Kovid Goyal <kovid@kovidgoyal.net>
Date: Tue, 7 Jul 2020 09:25:14 +0530
Subject: [PATCH] Fix out of bounds write on platforms where sizeof(bool) != 1

Found by code scanning
---
 kitty/screen.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/kitty/screen.c b/kitty/screen.c
index 70faf3c98..ef28a5996 100644
--- a/kitty/screen.c
+++ b/kitty/screen.c
@@ -123,7 +123,7 @@ new(PyTypeObject *type, PyObject *args, PyObject UNUSED *kwds) {
         ) {
             Py_CLEAR(self); return NULL;
         }
-        self->alt_tabstops = self->main_tabstops + self->columns * sizeof(bool);
+        self->alt_tabstops = self->main_tabstops + self->columns;
         self->tabstops = self->main_tabstops;
         init_tabstops(self->main_tabstops, self->columns);
         init_tabstops(self->alt_tabstops, self->columns);
@@ -236,7 +236,7 @@ screen_resize(Screen *self, unsigned int lines, unsigned int columns) {
     PyMem_Free(self->main_tabstops);
     self->main_tabstops = PyMem_Calloc(2*self->columns, sizeof(bool));
     if (self->main_tabstops == NULL) { PyErr_NoMemory(); return false; }
-    self->alt_tabstops = self->main_tabstops + self->columns * sizeof(bool);
+    self->alt_tabstops = self->main_tabstops + self->columns;
     self->tabstops = self->main_tabstops;
     init_tabstops(self->main_tabstops, self->columns);
     init_tabstops(self->alt_tabstops, self->columns);