Alan Third writes:

> On Sat, Oct 09, 2021 at 02:43:18PM +0300, Eli Zaretskii wrote:
>> > From: Daniel Martín
>> > Cc: 51105@debbugs.gnu.org
>> > Date: Sat, 09 Oct 2021 12:06:36 +0200
>> >
>> > Now I think that the right thing to do may be to modify nsterm.m, switch
>> > on the glyph type and, if the glyph type is COMPOSITE_GLYPH, call
>> > composition_gstring_width to get the glyph metrics. Function
>> > composition_gstring_width uses the values from fields s->cmp_from and
>> > s->cmp_to, and would avoid the buffer overflow:
>> >
>> > (lldb) fr v s->cmp_from
>> > (int) s->cmp_from = 6
>> > (lldb) fr v s->cmp_to
>> > (int) s->cmp_to = 7
>> >
>> > WDYT? I can prepare a patch of this type if you agree.
>>
>> SGTM, but I'd like to hear Alan's opinion as well, as I don't feel I
>> know enough about the NS display backend.
>
> I don't know much about this part of the code, but it sounds good to
> me too.

A reduced test case to reproduce the problem is to paste "العربية" in
the *scratch* buffer. I've attached a patch that fixes the issue.