comparison src/term.c @ 34074:1629cc65d78d v9.1.0006

patch 9.1.0006: is*() and to*() function may be unsafe Commit: https://github.com/vim/vim/commit/184f71cc6868a240dc872ed2852542bbc1d43e28 Author: Keith Thompson <Keith.S.Thompson@gmail.com> Date: Thu Jan 4 21:19:04 2024 +0100 patch 9.1.0006: is*() and to*() function may be unsafe Problem: is*() and to*() function may be unsafe Solution: Add SAFE_* macros and start using those instead (Keith Thompson) Use SAFE_() macros for is*() and to*() functions The standard is*() and to*() functions declared in <ctype.h> have undefined behavior for negative arguments other than EOF. If plain char is signed, passing an unchecked value from argv or from user input to one of these functions has undefined behavior. Solution: Add SAFE_*() macros that cast the argument to unsigned char. Most implementations behave sanely for negative arguments, and most character values in practice are non-negative, but it's still best to avoid undefined behavior. The change from #13347 has been omitted, as this has already been separately fixed in commit ac709e2fc0db6d31abb7da96f743c40956b60c3a (v9.0.2054) fixes: #13332 closes: #13347 Signed-off-by: Keith Thompson <Keith.S.Thompson@gmail.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
author Christian Brabandt <cb@256bit.org>
date Thu, 04 Jan 2024 21:30:04 +0100
parents cb88e5c589d0
children 8f94a72dfbed
34073:7d9c9731e78e 34074:1629cc65d78d
3432 #ifdef FEAT_GUI 3432 #ifdef FEAT_GUI
3433 if (!gui.in_use) 3433 if (!gui.in_use)
3434 #endif 3434 #endif
3435 { 3435 {
3436 env_colors = mch_getenv((char_u *)"COLORS"); 3436 env_colors = mch_getenv((char_u *)"COLORS");
3437 if (env_colors != NULL && isdigit(*env_colors)) 3437 if (env_colors != NULL && SAFE_isdigit(*env_colors))
3438 { 3438 {
3439 int colors = atoi((char *)env_colors); 3439 int colors = atoi((char *)env_colors);
3440 3440
3441 if (colors != t_colors) 3441 if (colors != t_colors)
3442 set_color_count(colors); 3442 set_color_count(colors);
5847 // Probably the cursor shape response. Make sure that "i" 5847 // Probably the cursor shape response. Make sure that "i"
5848 // is equal to "len" when there are not sufficient 5848 // is equal to "len" when there are not sufficient
5849 // characters. 5849 // characters.
5850 for (i = j + 3; i < len; ++i) 5850 for (i = j + 3; i < len; ++i)
5851 { 5851 {
5852 if (i - j == 3 && !isdigit(tp[i])) 5852 if (i - j == 3 && !SAFE_isdigit(tp[i]))
5853 break; 5853 break;
5854 if (i - j == 4 && tp[i] != ' ') 5854 if (i - j == 4 && tp[i] != ' ')
5855 break; 5855 break;
5856 if (i - j == 5 && tp[i] != 'q') 5856 if (i - j == 5 && tp[i] != 'q')
5857 break; 5857 break;
6081 && termcodes[idx].code[1] == '[') 6081 && termcodes[idx].code[1] == '[')
6082 { 6082 {
6083 // The mouse termcode "ESC [" is also the prefix of 6083 // The mouse termcode "ESC [" is also the prefix of
6084 // "ESC [ I" (focus gained) and other keys. Check some 6084 // "ESC [ I" (focus gained) and other keys. Check some
6085 // more bytes to find out. 6085 // more bytes to find out.
6086 if (!isdigit(tp[2])) 6086 if (!SAFE_isdigit(tp[2]))
6087 { 6087 {
6088 // ESC [ without number following: Only use it when 6088 // ESC [ without number following: Only use it when
6089 // there is no other match. 6089 // there is no other match.
6090 looks_like_mouse_start = TRUE; 6090 looks_like_mouse_start = TRUE;
6091 } 6091 }
6164 else 6164 else
6165 { 6165 {
6166 // Skip over the digits, the final char must 6166 // Skip over the digits, the final char must
6167 // follow. URXVT can use a negative value, thus 6167 // follow. URXVT can use a negative value, thus
6168 // also accept '-'. 6168 // also accept '-'.
6169 for (j = slen - 2; j < len && (isdigit(tp[j]) 6169 for (j = slen - 2; j < len && (SAFE_isdigit(tp[j])
6170 || tp[j] == '-' || tp[j] == ';'); ++j) 6170 || tp[j] == '-' || tp[j] == ';'); ++j)
6171 ; 6171 ;
6172 ++j; 6172 ++j;
6173 if (len < j) // got a partial sequence 6173 if (len < j) // got a partial sequence
6174 return -1; // need to get more chars 6174 return -1; // need to get more chars
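Review bot: At new line 3439 the value of `$COLORS` is still converted with `atoi((char *)env_colors)`, whose behavior is undefined when the digit string does not fit in an `int`. The hunk removes the ctype hazard on line 3437 but leaves a second source of undefined behavior on the same environment-supplied string one statement later. A checked conversion would close it: `long n = strtol((char *)env_colors, NULL, 10);`, then skip the `set_color_count()` call when `errno == ERANGE` or `n > INT_MAX`. Whether `set_color_count()` itself bounds its argument is not visible on this page, and the enclosing function starts and ends outside the lines shown.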