changeset 32359:088ca084ec37 v9.0.1511

patch 9.0.1511: crash when using wrong arg types to assert_match() Commit: https://github.com/vim/vim/commit/12e7a1fe7527e9e59adbe248a95b4b532e3ec58c Author: zeertzjq <zeertzjq@outlook.com> Date: Sat May 6 12:20:05 2023 +0100 patch 9.0.1511: crash when using wrong arg types to assert_match() Problem: Crash when using wrong arg types to assert_match(). Solution: Check for NULL pointer. (closes https://github.com/vim/vim/issues/12349)
author Bram Moolenaar <Bram@vim.org>
date Sat, 06 May 2023 13:30:07 +0200
parents 097336f579d7
children d0c44a70b750
files src/testdir/test_assert.vim src/testing.c src/version.c
diffstat 3 files changed, 30 insertions(+), 11 deletions(-) [+]
line wrap: on
line diff
--- a/src/testdir/test_assert.vim
+++ b/src/testdir/test_assert.vim
@@ -335,6 +335,23 @@ func Test_assert_fail_fails()
   call remove(v:errors, 0)
 endfunc
 
+func Test_assert_wrong_arg_emsg_off()
+  CheckFeature folding
+
+  new
+  call setline(1, ['foo', 'bar'])
+  1,2fold
+
+  " This used to crash Vim
+  let &l:foldtext = 'assert_match({}, {})'
+  redraw!
+
+  let &l:foldtext = 'assert_equalfile({}, {})'
+  redraw!
+
+  bwipe!
+endfunc
+
 func Test_assert_fails_in_try_block()
   try
     call assert_equal(0, assert_fails('throw "error"'))
--- a/src/testing.c
+++ b/src/testing.c
@@ -281,9 +281,6 @@ assert_match_common(typval_T *argvars, a
     garray_T	ga;
     char_u	buf1[NUMBUFLEN];
     char_u	buf2[NUMBUFLEN];
-    int		called_emsg_before = called_emsg;
-    char_u	*pat;
-    char_u	*text;
 
     if (in_vim9script()
 	    && (check_for_string_arg(argvars, 0) == FAIL
@@ -291,9 +288,9 @@ assert_match_common(typval_T *argvars, a
 		|| check_for_opt_string_arg(argvars, 2) == FAIL))
 	return 1;
 
-    pat = tv_get_string_buf_chk(&argvars[0], buf1);
-    text = tv_get_string_buf_chk(&argvars[1], buf2);
-    if (called_emsg == called_emsg_before
+    char_u *pat = tv_get_string_buf_chk(&argvars[0], buf1);
+    char_u *text = tv_get_string_buf_chk(&argvars[1], buf2);
+    if (pat != NULL && text != NULL
 		 && pattern_match(pat, text, FALSE) != (atype == ASSERT_MATCH))
     {
 	prepare_assert_error(&ga);
@@ -420,24 +417,23 @@ assert_equalfile(typval_T *argvars)
 {
     char_u	buf1[NUMBUFLEN];
     char_u	buf2[NUMBUFLEN];
-    int		called_emsg_before = called_emsg;
     char_u	*fname1 = tv_get_string_buf_chk(&argvars[0], buf1);
     char_u	*fname2 = tv_get_string_buf_chk(&argvars[1], buf2);
-    garray_T	ga;
     FILE	*fd1;
     FILE	*fd2;
     char	line1[200];
     char	line2[200];
     int		lineidx = 0;
 
-    if (called_emsg > called_emsg_before)
+    if (fname1 == NULL || fname2 == NULL)
 	return 0;
 
     IObuff[0] = NUL;
     fd1 = mch_fopen((char *)fname1, READBIN);
     if (fd1 == NULL)
     {
-	vim_snprintf((char *)IObuff, IOSIZE, (char *)e_cant_read_file_str, fname1);
+	vim_snprintf((char *)IObuff, IOSIZE, (char *)e_cant_read_file_str,
+								       fname1);
     }
     else
     {
@@ -445,7 +441,8 @@ assert_equalfile(typval_T *argvars)
 	if (fd2 == NULL)
 	{
 	    fclose(fd1);
-	    vim_snprintf((char *)IObuff, IOSIZE, (char *)e_cant_read_file_str, fname2);
+	    vim_snprintf((char *)IObuff, IOSIZE, (char *)e_cant_read_file_str,
+								       fname2);
 	}
 	else
 	{
@@ -498,8 +495,10 @@ assert_equalfile(typval_T *argvars)
 	    fclose(fd2);
 	}
     }
+
     if (IObuff[0] != NUL)
     {
+	garray_T	ga;
 	prepare_assert_error(&ga);
 	if (argvars[2].v_type != VAR_UNKNOWN)
 	{
@@ -528,6 +527,7 @@ assert_equalfile(typval_T *argvars)
 	ga_clear(&ga);
 	return 1;
     }
+
     return 0;
 }
 
--- a/src/version.c
+++ b/src/version.c
@@ -696,6 +696,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    1511,
+/**/
     1510,
 /**/
     1509,