Avoid an infinite loop on broken utf16.

	* gutf8.c (g_utf16_to_utf8): Increase the input counter
	when encountering broken surrogates head or tails to
	make sure we don't end in an infinite loop.

diff --git a/eglib/src/gutf8.c b/eglib/src/gutf8.c
index cb1776107ba4ba377bd254e3eceb7c4122fa1b2d..65ffbcd7fa4c13ee345ebc4e39954f4b39eedc91 100644 (file)
--- a/eglib/src/gutf8.c
+++ b/eglib/src/gutf8.c
@@ -338,6 +338,7 @@ g_utf16_to_utf8 (const gunichar2 *str, glong len, glong *items_read, glong *item
                        } else {
                                surrogate = 0;
                                /* invalid surrogate pair */
+                               ++in_pos;
                                continue;
                        }
                } else {
@@ -354,6 +355,7 @@ g_utf16_to_utf8 (const gunichar2 *str, glong len, glong *items_read, glong *item
                        else if (ch >= 0xD800 && ch <= 0xDBFF)
                                surrogate = ch;
                        else if (ch >= 0xDC00 && ch <= 0xDFFF) {
+                               ++in_pos;
                                /* invalid surrogate pair */
                                continue;
                        }