Mercurial > vim

diff src/dosinst.c @ 4111:918d7df425af v7.3.809

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
updated for version 7.3.809 Problem: The dosinst.c program has a buffer overflow. (Thomas Gwae) Solution: Ignore $VIMRUNTIME if it is too long.
author Bram Moolenaar <bram@vim.org>
date Wed, 13 Feb 2013 14:36:44 +0100
parents 073ff46fe397
children 04736b4030ec
line wrap: on
line diff
--- a/src/dosinst.c
+++ b/src/dosinst.c
@@ -375,7 +375,7 @@ get_vim_env(void)
 
     /* First get $VIMRUNTIME.  If it's set, remove the tail. */
     vim = getenv("VIMRUNTIME");
-    if (vim != NULL && *vim != 0)
+    if (vim != NULL && *vim != 0 && strlen(vim) < BUFSIZE)
     {
 	strcpy(buf, vim);
 	remove_tail(buf);