From bb490e590b1456061dfb1640bca83239e314c05a Mon Sep 17 00:00:00 2001
From: rswindell <>
Date: Fri, 10 Apr 2020 08:47:24 +0000
Subject: [PATCH] Fix one crash in the new Ctrl-Find feature (option lists can,
 unfortunately, be terminated with a 0-length option string). There still
 another crash I'm investigating that occurs if you type a string that isn't
 found. It appears to deref past the end of the option array.

---
 src/uifc/uifc32.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/uifc/uifc32.c b/src/uifc/uifc32.c
index 16ab7cad1c..1f93353836 100644
--- a/src/uifc/uifc32.c
+++ b/src/uifc/uifc32.c
@@ -1715,7 +1715,7 @@ int ulist(int mode, int left, int top, int width, int *cur, int *bar
 						case CTRL_G:
 							if(/*!(api->mode&UIFC_NOCTRL)*/1) { // No no, *this* control key is fine!
 								if (gotkey == CTRL_G || api->input(WIN_MID|WIN_SAV, 0, 0, "Find", search, sizeof(search), K_EDIT) > 0) {
-									for (j = (*cur) + 1; j != *cur; j++, j = option[j] == NULL ? 0 : j) {   /* a = search count */
+									for (j = (*cur) + 1; j != *cur; j++, j = (option[j] == NULL || !option[j][0]) ? 0 : j) {   /* a = search count */
 										if (strcasestr(option[j], search) != NULL) {
 											// Copy/pasted from search above.
 											if(y+(j-(*cur))+2>height+top) {
-- 
GitLab