  • Fix buffer overrun in libunistring builds · 1714a4c1
    Marius Gedminas authored and Carlos Garnacho committed
    libunistring uses UTF-8 strings without a trailing NUL byte.  We're
    passing such strings to tracker_parser_unaccent_nfkd_string() from
    function_sparql_unaccent() in the sqlite interface.  If the string has
    no accented characters, writing a NUL byte at the end will step out of
    bounds.  This causes memory corruption and crashes.
    
    The other caller of tracker_parser_unaccent_nfkd_string() is
    process_word_utf8(), and it looks like it wants a trailing NUL, so let's
    add it there.
    
    There are no more callers of the libunistring version of
    tracker_parser_unaccent_nfkd_string().
    
    (For extra confusion, the libicu version of
    tracker_parser_unaccent_nfkd_string() deals with U+0000-terminated
    UTF-16 strings.)
    
    Should fix https://bugzilla.gnome.org/show_bug.cgi?id=746195
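The contract the commit message describes, as an added example that is not code from this commit or from Tracker: the in-place routine treats its input as length-delimited and never writes a terminator, and the caller that needs a C string adds the NUL itself after checking for room. The function names, the canary check and the simplified rule of dropping only U+0300..U+036F combining marks are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the unaccent step: drops combining marks
 * U+0300..U+036F (UTF-8 0xCC 0x80 .. 0xCD 0xAF) in place. The buffer is
 * length-delimited, so nothing is ever written at buf[*len]. */
static int unaccent_inplace(unsigned char *buf, size_t *len)
{
    size_t r = 0, w = 0, n = *len;
    while (r < n) {
        int mark = r + 1 < n &&
            ((buf[r] == 0xCC && buf[r + 1] >= 0x80 && buf[r + 1] <= 0xBF) ||
             (buf[r] == 0xCD && buf[r + 1] >= 0x80 && buf[r + 1] <= 0xAF));
        if (mark) r += 2;            /* skip the two-byte combining mark */
        else buf[w++] = buf[r++];    /* keep everything else */
    }
    *len = w;
    return w != n;                   /* 1 if any mark was removed */
}

/* A caller that wants a C string adds the terminator itself, and only
 * after checking that its own buffer (cap bytes) has room for it. */
static int unaccent_cstring(unsigned char *buf, size_t *len, size_t cap)
{
    if (*len >= cap) return -1;      /* terminator would land out of bounds */
    unaccent_inplace(buf, len);
    buf[*len] = '\0';
    return 0;
}

/* Copies n bytes of s into an exact-length region followed by a canary
 * byte and reports whether the canary survives the unaccent call. */
static int canary_intact(const char *s, size_t n)
{
    unsigned char mem[64];
    size_t len = n;
    if (n >= sizeof mem) return -1;
    memcpy(mem, s, n);
    mem[n] = 0xA5;                   /* first byte past the string */
    unaccent_inplace(mem, &len);
    return mem[n] == 0xA5;
}

int main(void)
{
    /* Constructed inputs: one without accents, one with U+0301 marks. */
    printf("%d %d\n", canary_intact("abc", 3),
           canary_intact("e\xCC\x81te\xCC\x81", 7));
    return 0;
}
```

The unaccented input is the case from the commit message: with no marks removed the length does not shrink, so an unconditional terminator write would land on the canary byte.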