From 4a65258bc7c284ecf61ba6e4399a7012e71d7952 Mon Sep 17 00:00:00 2001
From: Keisuke Kuroyanagi <ksk@google.com>
Date: Mon, 19 Aug 2013 18:58:10 +0900
Subject: [PATCH] Fix possible SIGSEGV.

Change-Id: I6008c0457a8da9b90434a3b96a51da1487948f1b
---
 .../suggest/core/dicnode/internal/dic_node_state_output.h  | 4 +++-
 .../core/dicnode/internal/dic_node_state_prevword.h        | 7 +++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/native/jni/src/suggest/core/dicnode/internal/dic_node_state_output.h b/native/jni/src/suggest/core/dicnode/internal/dic_node_state_output.h
index 45c7f5cf9..74eb5dfe7 100644
--- a/native/jni/src/suggest/core/dicnode/internal/dic_node_state_output.h
+++ b/native/jni/src/suggest/core/dicnode/internal/dic_node_state_output.h
@@ -49,8 +49,10 @@ class DicNodeStateOutput {
     void addMergedNodeCodePoints(const uint16_t mergedNodeCodePointCount,
             const int *const mergedNodeCodePoints) {
         if (mergedNodeCodePoints) {
+            const int additionalCodePointCount = min(static_cast<int>(mergedNodeCodePointCount),
+                    MAX_WORD_LENGTH - mOutputtedCodePointCount);
             memcpy(&mCodePointsBuf[mOutputtedCodePointCount], mergedNodeCodePoints,
-                    mergedNodeCodePointCount * sizeof(mCodePointsBuf[0]));
+                    additionalCodePointCount * sizeof(mCodePointsBuf[0]));
             mOutputtedCodePointCount = static_cast<uint16_t>(
                     mOutputtedCodePointCount + mergedNodeCodePointCount);
             if (mOutputtedCodePointCount < MAX_WORD_LENGTH) {
diff --git a/native/jni/src/suggest/core/dicnode/internal/dic_node_state_prevword.h b/native/jni/src/suggest/core/dicnode/internal/dic_node_state_prevword.h
index 5854f4f6e..f437c95f6 100644
--- a/native/jni/src/suggest/core/dicnode/internal/dic_node_state_prevword.h
+++ b/native/jni/src/suggest/core/dicnode/internal/dic_node_state_prevword.h
@@ -69,11 +69,14 @@ class DicNodeStatePrevWord {
             const int prevWordNodePos, const int *const src0, const int16_t length0,
             const int *const src1, const int16_t length1, const int *const prevSpacePositions,
             const int lastInputIndex) {
-        mPrevWordCount = prevWordCount;
+        mPrevWordCount = min(prevWordCount, static_cast<int16_t>(MAX_RESULTS));
         mPrevWordProbability = prevWordProbability;
         mPrevWordNodePos = prevWordNodePos;
-        const int twoWordsLen =
+        int twoWordsLen =
                 DicNodeUtils::appendTwoWords(src0, length0, src1, length1, mPrevWord);
+        if (twoWordsLen >= MAX_WORD_LENGTH) {
+            twoWordsLen = MAX_WORD_LENGTH - 1;
+        }
         mPrevWord[twoWordsLen] = KEYCODE_SPACE;
         mPrevWordStart = length0;
         mPrevWordLength = static_cast<int16_t>(twoWordsLen + 1);