# HG changeset patch # User Bram Moolenaar # Date 1269354995 -3600 # Node ID dc8a5699253b833ec796460f9ac877d02ab7b165 # Parent b1706a94f9f9638cc0ecb624dd7519cc9beb6ca1 updated for version 7.2.406 Problem: Patch 7.2.119 introduces uninit mem read. (Dominique Pelle) Solution: Only used ScreeenLinesC when ScreeenLinesUC is not zero. (Yukihiro Nakadaira) Also clear ScreeenLinesC when allocating. diff --git a/src/screen.c b/src/screen.c --- a/src/screen.c +++ b/src/screen.c @@ -25,10 +25,11 @@ * one character which occupies two display cells. * For UTF-8 a multi-byte character is converted to Unicode and stored in * ScreenLinesUC[]. ScreenLines[] contains the first byte only. For an ASCII - * character without composing chars ScreenLinesUC[] will be 0. When the - * character occupies two display cells the next byte in ScreenLines[] is 0. + * character without composing chars ScreenLinesUC[] will be 0 and + * ScreenLinesC[][] is not used. When the character occupies two display + * cells the next byte in ScreenLines[] is 0. * ScreenLinesC[][] contain up to 'maxcombine' composing characters - * (drawn on top of the first character). They are 0 when not used. + * (drawn on top of the first character). There is 0 after the last one used. * ScreenLines2[] is only used for euc-jp to store the second byte if the * first byte is 0x8e (single-width character). * @@ -4893,6 +4894,7 @@ static int comp_char_differs __ARGS((int /* * Return if the composing characters at "off_from" and "off_to" differ. + * Only to be used when ScreenLinesUC[off_from] != 0. */ static int comp_char_differs(off_from, off_to) @@ -6281,6 +6283,7 @@ static int screen_comp_differs __ARGS((i /* * Return TRUE if composing characters for screen posn "off" differs from * composing characters in "u8cc". + * Only to be used when ScreenLinesUC[off] != 0. */ static int screen_comp_differs(off, u8cc) @@ -6461,8 +6464,10 @@ screen_puts_len(text, len, row, col, att && c == 0x8e && ScreenLines2[off] != ptr[1]) || (enc_utf8 - && (ScreenLinesUC[off] != (u8char_T)(c >= 0x80 ? u8c : 0) - || screen_comp_differs(off, u8cc))) + && (ScreenLinesUC[off] != + (u8char_T)(c < 0x80 && u8cc[0] == 0 ? 0 : u8c) + || (ScreenLinesUC[off] != 0 + && screen_comp_differs(off, u8cc)))) #endif || ScreenAttrs[off] != attr || exmode_active; @@ -7542,7 +7547,7 @@ retry: new_ScreenLinesUC = (u8char_T *)lalloc((long_u)( (Rows + 1) * Columns * sizeof(u8char_T)), FALSE); for (i = 0; i < p_mco; ++i) - new_ScreenLinesC[i] = (u8char_T *)lalloc((long_u)( + new_ScreenLinesC[i] = (u8char_T *)lalloc_clear((long_u)( (Rows + 1) * Columns * sizeof(u8char_T)), FALSE); } if (enc_dbcs == DBCS_JPNU) diff --git a/src/version.c b/src/version.c --- a/src/version.c +++ b/src/version.c @@ -682,6 +682,8 @@ static char *(features[]) = static int included_patches[] = { /* Add new patch number below this line */ /**/ + 406, +/**/ 405, /**/ 404,