From: Petr Písař <ppisar@redhat.com>
Subject: Fix a heap buffer overwrite in search_brace() (CVE-2023-40305)
Bug-Debian: https://bugs.debian.org/1049366
Forwarded: https://savannah.gnu.org/bugs/index.php?64503

--- a/src/indent.c
+++ b/src/indent.c
@@ -228,6 +228,7 @@
                  * a `dump_line' call, thus ensuring that the brace
                  * will go into the right column. */
 
+                need_chars (&save_com, 2);
                 *save_com.end++ = EOL;
                 *save_com.end++ = '{';
                 save_com.len += 2;