proc/escape.c: Prevent integer overflows in escape_str_utf8().

Simply rearrange the old comparisons. The new comparisons are safe,
because we know from previous checks that:

1/ wlen > 0

2/ my_cells < *maxcells (also: my_cells >= 0 and *maxcells > 0)

3/ len > 1

4/ my_bytes+1 < bufsize (also: my_bytes >= 0 and bufsize > 0)

diff --git a/proc/escape.c b/proc/escape.c
index a846095b4637ff54352ae22d6f1c9734acd21336..827337fec5df371e98db8395283c4db3d177e1c0 100644 (file)
--- a/proc/escape.c
+++ b/proc/escape.c
@@ -98,7 +98,7 @@ static int escape_str_utf8(char *restrict dst, const char *restrict src, int buf
       } else {
         // multibyte - printable
         // Got space?
-        if (my_cells+wlen > *maxcells || my_bytes+1+len >= bufsize) break;
+        if (wlen > *maxcells-my_cells || len >= bufsize-(my_bytes+1)) break;
         // 0x9b is control byte for some terminals
         if (memchr(src, 0x9B, len)) {
          // unsafe multibyte