Mercurial > vim
changeset 13068:63fdea6e9c6c v8.0.1409
patch 8.0.1409: buffer overflow in :tags command
commit https://github.com/vim/vim/commit/132f75255ecea17ff621f71236568c5d8d8e0163
Author: Bram Moolenaar <Bram@vim.org>
Date: Tue Dec 19 10:49:34 2017 +0100
patch 8.0.1409: buffer overflow in :tags command
Problem: Buffer overflow in :tags command.
Solution: Use vim_snprintf(). (Dominique Pelle, closes https://github.com/vim/vim/issues/2471, closes https://github.com/vim/vim/issues/2475)
Add a test.
author | Christian Brabandt <cb@256bit.org> |
---|---|
date | Tue, 19 Dec 2017 11:00:06 +0100 |
parents | 90405f52088a |
children | 5dcf876e6c69 |
files | src/tag.c src/testdir/test_taglist.vim src/version.c |
diffstat | 3 files changed, 9 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/src/tag.c +++ b/src/tag.c @@ -1130,7 +1130,7 @@ do_tags(exarg_T *eap UNUSED) continue; msg_putchar('\n'); - sprintf((char *)IObuff, "%c%2d %2d %-15s %5ld ", + vim_snprintf((char *)IObuff, IOSIZE, "%c%2d %2d %-15s %5ld ", i == tagstackidx ? '>' : ' ', i + 1, tagstack[i].cur_match + 1,
--- a/src/testdir/test_taglist.vim +++ b/src/testdir/test_taglist.vim @@ -1,4 +1,4 @@ -" test 'taglist' function +" test 'taglist' function and :tags command func Test_taglist() call writefile([ @@ -56,3 +56,8 @@ func Test_taglist_ctags_etags() call delete('Xtags') endfunc + +func Test_tags_too_long() + call assert_fails('tag ' . repeat('x', 1020), 'E426') + tags +endfunc