changeset 12335:df498e3e34fc v8.0.1047

patch 8.0.1047: buffer overflow in Ruby commit https://github.com/vim/vim/commit/00ccf54630dc68a9b8aedb92b268f3b697081f68 Author: Bram Moolenaar <Bram@vim.org> Date: Sun Sep 3 15:17:48 2017 +0200 patch 8.0.1047: buffer overflow in Ruby Problem: Buffer overflow in Ruby. Solution: Allocate one more byte. (Dominique Pelle)
author Christian Brabandt <cb@256bit.org>
date Sun, 03 Sep 2017 15:30:05 +0200
parents 807044c2bd36
children 3914c0edd581
files src/if_ruby.c src/version.c
diffstat 2 files changed, 3 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/src/if_ruby.c
+++ b/src/if_ruby.c
@@ -984,7 +984,7 @@ static VALUE vim_message(VALUE self UNUS
     if (RSTRING_LEN(str) > 0)
     {
 	/* Only do this when the string isn't empty, alloc(0) causes trouble. */
-	buff = ALLOCA_N(char, RSTRING_LEN(str));
+	buff = ALLOCA_N(char, RSTRING_LEN(str) + 1);
 	strcpy(buff, RSTRING_PTR(str));
 	p = strchr(buff, '\n');
 	if (p) *p = '\0';
--- a/src/version.c
+++ b/src/version.c
@@ -770,6 +770,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    1047,
+/**/
     1046,
 /**/
     1045,