comparison src/quickfix.c @ 32335:9c034274034b v9.0.1499
patch 9.0.1499: using uninitialized memory with fuzzy matching
Commit: https://github.com/vim/vim/commit/caf642c25de526229264cab9425e7c9979f3509b
Author: Bram Moolenaar <Bram@vim.org>
Date: Sat Apr 29 21:38:04 2023 +0100
patch 9.0.1499: using uninitialized memory with fuzzy matching
Problem: Using uninitialized memory with fuzzy matching.
Solution: Initialize the arrays used to store match positions.
author | Bram Moolenaar <Bram@vim.org> |
---|---|
date | Sat, 29 Apr 2023 22:45:03 +0200 |
parents | 97255d909654 |
children | cb1af9880f6d |
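--- a/src/quickfix.c
+++ b/src/quickfix.c
@@ -6056,19 +6056,21 @@
 {
 int found_match = FALSE;
 long lnum;
 colnr_T col;
 int pat_len = (int)STRLEN(spat);
+if (pat_len > MAX_FUZZY_MATCHES)
+pat_len = MAX_FUZZY_MATCHES;
 
 for (lnum = 1; lnum <= buf->b_ml.ml_line_count && *tomatch > 0; ++lnum)
 {
 col = 0;
 if (!(flags & VGR_FUZZY))
 {
 // Regular expression match
 while (vim_regexec_multi(regmatch, curwin, buf, lnum,
 col, NULL) > 0)
 {
 // Pass the buffer number so that it gets used even for a
 // dummy buffer, unless duplicate_name is set, then the
 // buffer will be wiped out below.
 if (qf_add_entry(qfl,
@@ -6110,10 +6112,11 @@
 int score;
 int_u matches[MAX_FUZZY_MATCHES];
 int_u sz = ARRAY_LENGTH(matches);
 
 // Fuzzy string match
+CLEAR_FIELD(matches);
 while (fuzzy_match(str + col, spat, FALSE, &score, matches, sz) > 0)
 {
 // Pass the buffer number so that it gets used even for a
 // dummy buffer, unless duplicate_name is set, then the
 // buffer will be wiped out below.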
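Review bot: `CLEAR_FIELD(matches)` in the second hunk runs once before the `while (fuzzy_match(...) > 0)` loop, so it makes later reads of `matches` defined but does not record how many positions a given call actually wrote. `pat_len` in the first hunk is the byte length of `spat` clamped to `MAX_FUZZY_MATCHES`; if it is used further down as an index into `matches` (that code is outside the visible hunks), a slot that `fuzzy_match` did not fill would now yield 0, or a position left over from the previous loop iteration, instead of garbage. That removes the uninitialized read but can still produce a wrong column silently, so it is worth checking whether the index should come from the number of positions actually matched rather than from `STRLEN(spat)`. At minimum the clamp deserves a why-comment such as `// matches[] has MAX_FUZZY_MATCHES slots; keep pat_len within that bound`. The enclosing function starts and ends outside both hunks.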