From 7a3d98324df08cce17ee0ffce74c0fa73b38ee4a Mon Sep 17 00:00:00 2001
From: Kristian Rietveld <kris@gtk.org>
Date: Fri, 4 Sep 2009 13:34:56 +0200
Subject: [PATCH] Fail to scroll if the given mark is not in text view's
 current buffer

In gtk_text_view_queue_scroll() we need to verify if the given mark
exists in the text view's current buffer.  When not done, this can
result in corruption of the BTree data structure.  Patch merged from
maemo-gtk.
---
 gtk/gtktextview.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/gtk/gtktextview.c b/gtk/gtktextview.c
index 4c5f0d233d..ad04480d47 100644
--- a/gtk/gtktextview.c
+++ b/gtk/gtktextview.c
@@ -1894,6 +1894,7 @@ gtk_text_view_queue_scroll (GtkTextView   *text_view,
                             gdouble        xalign,
                             gdouble        yalign)
 {
+  const char *mark_name;
   GtkTextIter iter;
   GtkTextPendingScroll *scroll;
 
@@ -1906,6 +1907,12 @@ gtk_text_view_queue_scroll (GtkTextView   *text_view,
   scroll->xalign = xalign;
   scroll->yalign = yalign;
   
+  /* We need to verify that the buffer contains the mark, otherwise this
+   * can lead to data structure corruption later on.
+   */
+  mark_name = gtk_text_mark_get_name (mark);
+  g_return_if_fail (gtk_text_buffer_get_mark (get_buffer (text_view), mark_name));
+
   gtk_text_buffer_get_iter_at_mark (get_buffer (text_view), &iter, mark);
 
   scroll->mark = gtk_text_buffer_create_mark (get_buffer (text_view),