From 7982de2a4cb168595cc6d32187f3c96e5c79d9dd Mon Sep 17 00:00:00 2001
From: Vicki Pfau <vi@endrift.com>
Date: Thu, 6 Oct 2022 22:21:38 -0700
Subject: [PATCH] Vita: Fix keyboard result bounds check

---
 src/platform/psp2/main.c | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/src/platform/psp2/main.c b/src/platform/psp2/main.c
index 7ad4db343..c474d9d85 100644
--- a/src/platform/psp2/main.c
+++ b/src/platform/psp2/main.c
@@ -132,9 +132,17 @@ static enum GUIKeyboardStatus _keyboardRun(struct GUIKeyboardParams* keyboard) {
 	utf16Buffer = params.inputTextBuffer;
 	utf8Buffer = keyboard->result;
 	i = keyboard->maxLen;
-	while (i > 0 && *utf16Buffer) {
-		uint32_t unichar = utf16Char((const uint16_t**) &utf16Buffer, &i);
-		utf8Buffer += toUtf8(unichar, utf8Buffer);
+	size_t bufferSize = sizeof(SceWChar16) * keyboard->maxLen;
+	while (bufferSize && *utf16Buffer) {
+		char buffer[4];
+		uint32_t unichar = utf16Char((const uint16_t**) &utf16Buffer, &bufferSize);
+		size_t bytes = toUtf8(unichar, buffer);
+		if (i < bytes) {
+			break;
+		}
+		memcpy(utf8Buffer, buffer, bytes);
+		utf8Buffer += bytes;
+		i -= bytes;
 	}
 	utf8Buffer[0] = 0;