https://bugs.gentoo.org/903860
https://github.com/mate-desktop/pluma/issues/664
https://github.com/mate-desktop/pluma/pull/665
https://github.com/mate-desktop/pluma/commit/8ca37beb259f7a62fef2005e888248ec880e44cd

From 8ca37beb259f7a62fef2005e888248ec880e44cd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20Dura-Kov=C3=A1cs?= <balping314@gmail.com>
Date: Thu, 18 Aug 2022 17:44:41 +0200
Subject: [PATCH] Fix out-of-bounds write

Closes https://github.com/mate-desktop/pluma/issues/664

The size of tempfont was one byte too short, so strcpy performed an out-of-bounds write of the terminating 0.
--- a/pluma/pluma-window.c
+++ b/pluma/pluma-window.c
@@ -318,7 +318,7 @@ pluma_window_key_press_event (GtkWidget   *widget,
         g_strcanon (tempsize, "1234567890", '\0');
         g_strreverse (tempsize);
 
-        gchar tempfont [strlen (font)];
+        gchar tempfont [strlen (font) + 1];
         strcpy (tempfont, font);
         tempfont [strlen (font) - strlen (tempsize)] = 0;