Mercurial > vim
changeset 12005:0496ea4c5c2e v8.0.0883
patch 8.0.0883: invalid memory access with nonsensical script
commit https://github.com/vim/vim/commit/1c864093f93b0066de25d6c0ddf03a6bc6b1c870
Author: Bram Moolenaar <Bram@vim.org>
Date: Sun Aug 6 18:15:45 2017 +0200
patch 8.0.0883: invalid memory access with nonsensical script
Problem: Invalid memory access with nonsensical script.
Solution: Check "dstlen" being positive. (Dominique Pelle)
| author | Christian Brabandt <cb@256bit.org> |
|---|---|
| date | Sun, 06 Aug 2017 19:15:04 +0200 |
| parents | 2b8cb306954f |
| children | bf3f53363054 |
| files | src/misc1.c src/version.c |
| diffstat | 2 files changed, 14 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/src/misc1.c +++ b/src/misc1.c @@ -4180,13 +4180,18 @@ expand_env_esc( } else if ((src[0] == ' ' || src[0] == ',') && !one) at_start = TRUE; - *dst++ = *src++; - --dstlen; - - if (startstr != NULL && src - startstr_len >= srcp - && STRNCMP(src - startstr_len, startstr, startstr_len) == 0) - at_start = TRUE; - } + if (dstlen > 0) + { + *dst++ = *src++; + --dstlen; + + if (startstr != NULL && src - startstr_len >= srcp + && STRNCMP(src - startstr_len, startstr, + startstr_len) == 0) + at_start = TRUE; + } + } + } *dst = NUL; }