>From a very quick look: _decode_targets in gtkwidget.pre doesn't check that the sub-array size is 3 before indexing it. And checking that ITEM(cur)[0].u.string->size_shift is 0 is easy to add. Are there any other restrictions on the string (e.g. is \0 allowed)? The new string range functions are handy for that.
Code review request: branch rosuav/gtk2-drag-drop
Martin Nilsson (Coppermist) @ Pike (-) developers forum Tue, 22 Nov 2016 19:09:37 -0800
