Mercurial > vim

diff src/mbyte.c @ 1658:630eca9496e0 v7.2a.010

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
updated for version 7.2a-010
author vimboss
date Sun, 29 Jun 2008 14:16:06 +0000
parents 73fe8baea242
children 0b796e045c42
line wrap: on
line diff
--- a/src/mbyte.c
+++ b/src/mbyte.c
@@ -1387,7 +1387,7 @@ utf_ptr2char(p)
 	return p[0];
 
     len = utf8len_tab[p[0]];
-    if ((p[1] & 0xc0) == 0x80)
+    if (len > 1 && (p[1] & 0xc0) == 0x80)
     {
 	if (len == 2)
 	    return ((p[0] & 0x1f) << 6) + (p[1] & 0x3f);
@@ -1753,14 +1753,27 @@ utfc_ptr2len_len(p, size)
 #endif
     while (len < size)
     {
-	if (p[len] < 0x80 || !UTF_COMPOSINGLIKE(p + prevlen, p + len))
+	int	len_next_char;
+
+	if (p[len] < 0x80)
+	    break;
+
+	/*
+	 * Next character length should not go beyond size to ensure that
+	 * UTF_COMPOSINGLIKE(...) does not read beyond size.
+	 */
+	len_next_char = utf_ptr2len_len(p + len, size - len);
+	if (len_next_char > size - len)
+	    break;
+
+	if (!UTF_COMPOSINGLIKE(p + prevlen, p + len))
 	    break;
 
 	/* Skip over composing char */
 #ifdef FEAT_ARABIC
 	prevlen = len;
 #endif
-	len += utf_ptr2len_len(p + len, size - len);
+	len += len_next_char;
     }
     return len;
 }