# HG changeset patch
# User Bram Moolenaar <bram@vim.org>
# Date 1360762604 -3600
# Node ID 918d7df425afb77261428968ae646efb95b15224
# Parent  c7d9e3810d2eab1c73e5b8446f23518ce5d2e352
updated for version 7.3.809
Problem:    The dosinst.c program has a buffer overflow. (Thomas Gwae)
Solution:   Ignore $VIMRUNTIME if it is too long.

diff --git a/src/dosinst.c b/src/dosinst.c
--- a/src/dosinst.c
+++ b/src/dosinst.c
@@ -375,7 +375,7 @@ get_vim_env(void)
 
     /* First get $VIMRUNTIME.  If it's set, remove the tail. */
     vim = getenv("VIMRUNTIME");
-    if (vim != NULL && *vim != 0)
+    if (vim != NULL && *vim != 0 && strlen(vim) < BUFSIZE)
     {
 	strcpy(buf, vim);
 	remove_tail(buf);
diff --git a/src/version.c b/src/version.c
--- a/src/version.c
+++ b/src/version.c
@@ -726,6 +726,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    809,
+/**/
     808,
 /**/
     807,