Mercurial > vim
comparison src/insexpand.c @ 26773:80e134cbee4b v8.2.3915
patch 8.2.3915: illegal memory access when completing with invalid bytes
Commit: https://github.com/vim/vim/commit/4b28ba3245df8274303c79429972f9dc9438e4aa
Author: Bram Moolenaar <Bram@vim.org>
Date: Mon Dec 27 19:28:37 2021 +0000
patch 8.2.3915: illegal memory access when completing with invalid bytes
Problem: illegal memory access when completing with invalid bytes.
Solution: Avoid going over the end of the completion text.
| author | Bram Moolenaar <Bram@vim.org> |
|---|---|
| date | Mon, 27 Dec 2021 20:30:03 +0100 |
| parents | 84d56c5b7f2b |
| children | a8ded20a59e6 |
comparison
equal
deleted
inserted
replaced
| 26772:0a31b0ba0fd6 | 26773:80e134cbee4b |
|---|---|
| 3435 * "in_compl_func" is TRUE when called from complete_check(). | 3435 * "in_compl_func" is TRUE when called from complete_check(). |
| 3436 */ | 3436 */ |
| 3437 void | 3437 void |
| 3438 ins_compl_insert(int in_compl_func) | 3438 ins_compl_insert(int in_compl_func) |
| 3439 { | 3439 { |
| 3440 ins_bytes(compl_shown_match->cp_str + ins_compl_len()); | 3440 int compl_len = ins_compl_len(); |
| 3441 | |
| 3442 // Make sure we don't go over the end of the string, this can happen with | |
| 3443 // illegal bytes. | |
| 3444 if (compl_len < (int)STRLEN(compl_shown_match->cp_str)) | |
| 3445 ins_bytes(compl_shown_match->cp_str + compl_len); | |
| 3441 if (compl_shown_match->cp_flags & CP_ORIGINAL_TEXT) | 3446 if (compl_shown_match->cp_flags & CP_ORIGINAL_TEXT) |
| 3442 compl_used_match = FALSE; | 3447 compl_used_match = FALSE; |
| 3443 else | 3448 else |
| 3444 compl_used_match = TRUE; | 3449 compl_used_match = TRUE; |
| 3445 #ifdef FEAT_EVAL | 3450 #ifdef FEAT_EVAL |