Mercurial > vim

diff src/viminfo.c @ 25589:50f8204eb8f7 v8.2.3331

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 8.2.3331: Coverity warns for using value without boundary check Commit: https://github.com/vim/vim/commit/ed7cb2df35244e40e5c4df06169b50e705427576 Author: Bram Moolenaar <Bram@vim.org> Date: Wed Aug 11 17:13:54 2021 +0200 patch 8.2.3331: Coverity warns for using value without boundary check Problem: Coverity warns for using value without boundary check. Solution: Add a boundary check.
author Bram Moolenaar <Bram@vim.org>
date Wed, 11 Aug 2021 17:15:05 +0200
parents 763ea8f075db
children 255bc9a08e58
line wrap: on
line diff
--- a/src/viminfo.c
+++ b/src/viminfo.c
@@ -253,17 +253,18 @@ viminfo_readstring(
     int		off,		    // offset for virp->vir_line
     int		convert UNUSED)	    // convert the string
 {
-    char_u	*retval;
+    char_u	*retval = NULL;
     char_u	*s, *d;
     long	len;
 
     if (virp->vir_line[off] == Ctrl_V && vim_isdigit(virp->vir_line[off + 1]))
     {
 	len = atol((char *)virp->vir_line + off + 1);
-	retval = lalloc(len, TRUE);
+	if (len > 0 && len < 1000000)
+	    retval = lalloc(len, TRUE);
 	if (retval == NULL)
 	{
-	    // Line too long?  File messed up?  Skip next line.
+	    // Invalid length, line too long, out of memory?  Skip next line.
 	    (void)vim_fgets(virp->vir_line, 10, virp->vir_fd);
 	    return NULL;
 	}