InputTextWithHint(): Fixed buffer overflow when user callback modifies the buffer contents in a way that alters hint visibility. (#8368)

2025-04-05 05:25:08 +00:00 · 2025-02-03 15:11:03 +01:00 · 2025-02-03 15:11:03 +01:00 · 5dd84082ab
commit 5dd84082ab
parent 204cebc8fc
4 changed files with 18 additions and 1 deletions
--- a/backends/imgui_impl_metal.mm
+++ b/backends/imgui_impl_metal.mm
@ -15,6 +15,7 @@

 // CHANGELOG
 // (minor and older changes stripped away, please see git history for details)
+//  2025-02-03: Metal: Crash fix. (#8367)
 //  2024-01-08: Metal: Fixed memory leaks when using metal-cpp (#8276, #8166) or when using multiple contexts (#7419).
 //  2022-08-23: Metal: Update deprecated property 'sampleCount'->'rasterSampleCount'.
 //  2022-07-05: Metal: Add dispatch synchronization.
--- a/docs/CHANGELOG.txt
+++ b/docs/CHANGELOG.txt
@ -45,6 +45,9 @@ Other changes:

 - Fixed IsItemDeactivatedAfterEdit() signal being broken for Checkbox(),
  RadioButton(), Selectable(). Regression from 2025/01/13. (#8370)
+- InputTextWithHint(): Fixed buffer-overflow (luckily often with no visible effect)
+  when a user callback modified the buffer contents in a way that altered the
+  visibility of the preview/hint buffer. (#8368) [@m9710797, @ocornut]
 - Backends: Metal: Fixed a crash on application resources. (#8367, #7419) [@anszom]

 -----------------------------------------------------------------------
--- a/imgui.cpp
+++ b/imgui.cpp
@ -2012,6 +2012,7 @@ const char* ImStreolRange(const char* str, const char* str_end)

 const char* ImStrbol(const char* buf_mid_line, const char* buf_begin) // find beginning-of-line
 {
+    IM_ASSERT_PARANOID(buf_mid_line >= buf_begin && buf_mid_line <= buf_begin + strlen(buf_begin));
    while (buf_mid_line > buf_begin && buf_mid_line[-1] != '\n')
        buf_mid_line--;
    return buf_mid_line;
--- a/imgui_widgets.cpp
+++ b/imgui_widgets.cpp
@ -4669,7 +4669,7 @@ bool ImGui::InputTextEx(const char* label, const char* hint, char* buf, int buf_

    // Select the buffer to render.
    const bool buf_display_from_state = (render_cursor || render_selection || g.ActiveId == id) && !is_readonly && state;
-    const bool is_displaying_hint = (hint != NULL && (buf_display_from_state ? state->TextA.Data : buf)[0] == 0);
+    bool is_displaying_hint = (hint != NULL && (buf_display_from_state ? state->TextA.Data : buf)[0] == 0);

    // Password pushes a temporary font with only a fallback glyph
    if (is_password && !is_displaying_hint)
@ -5151,6 +5151,18 @@ bool ImGui::InputTextEx(const char* label, const char* hint, char* buf, int buf_
    const int buf_display_max_length = 2 * 1024 * 1024;
    const char* buf_display = buf_display_from_state ? state->TextA.Data : buf; //-V595
    const char* buf_display_end = NULL; // We have specialized paths below for setting the length
+
+    // Display hint when contents is empty
+    // At this point we need to handle the possibility that a callback could have modified the underlying buffer (#8368)
+    const bool new_is_displaying_hint = (hint != NULL && (buf_display_from_state ? state->TextA.Data : buf)[0] == 0);
+    if (new_is_displaying_hint != is_displaying_hint)
+    {
+        if (is_password && !is_displaying_hint)
+            PopFont();
+        is_displaying_hint = new_is_displaying_hint;
+        if (is_password && !is_displaying_hint)
+            PushPasswordFont();
+    }
    if (is_displaying_hint)
    {
        buf_display = hint;