Mercurial > vim

changeset 4111:918d7df425af v7.3.809

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
updated for version 7.3.809 Problem: The dosinst.c program has a buffer overflow. (Thomas Gwae) Solution: Ignore $VIMRUNTIME if it is too long.
author Bram Moolenaar <bram@vim.org>
date Wed, 13 Feb 2013 14:36:44 +0100
parents c7d9e3810d2e
children b3cfd82f44d9
files src/dosinst.c src/version.c
diffstat 2 files changed, 3 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/src/dosinst.c
+++ b/src/dosinst.c
@@ -375,7 +375,7 @@ get_vim_env(void)
 
     /* First get $VIMRUNTIME.  If it's set, remove the tail. */
     vim = getenv("VIMRUNTIME");
-    if (vim != NULL && *vim != 0)
+    if (vim != NULL && *vim != 0 && strlen(vim) < BUFSIZE)
     {
 	strcpy(buf, vim);
 	remove_tail(buf);
--- a/src/version.c
+++ b/src/version.c
@@ -726,6 +726,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    809,
+/**/
     808,
 /**/
     807,