Mercurial > vim
changeset 31475:9ef91bdd1ab4 v9.0.1070
patch 9.0.1070: reading beyond array size
Commit: https://github.com/vim/vim/commit/b26461715be41653e5982e72c794294702ecded9
Author: Bram Moolenaar <Bram@vim.org>
Date: Sat Dec 17 15:35:43 2022 +0000
patch 9.0.1070: reading beyond array size
Problem: Reading beyond array size.
Solution: Only use name[0] and name[1], do not use "name" as a string.
| author | Bram Moolenaar <Bram@vim.org> |
|---|---|
| date | Sat, 17 Dec 2022 16:45:03 +0100 |
| parents | c6078addcd8d |
| children | 01782143b237 |
| files | src/term.c src/version.c |
| diffstat | 2 files changed, 9 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/src/term.c +++ b/src/term.c @@ -4389,7 +4389,8 @@ clear_termcodes(void) #define ATC_FROM_TERM 55 /* - * Add a new entry to the list of terminal codes. + * Add a new entry for "name[2]" to the list of terminal codes. + * Note that "name" may not have a terminating NUL. * The list is kept alphabetical for ":set termcap" * "flags" is TRUE when replacing 7-bit by 8-bit controls is desired. * "flags" can also be ATC_FROM_TERM for got_code_from_term(). @@ -4497,7 +4498,8 @@ add_termcode(char_u *name, char_u *strin { // They are equal but for the ";*": don't add it. #ifdef FEAT_EVAL - ch_log(NULL, "Termcap entry %s did not change", name); + ch_log(NULL, "Termcap entry %c%c did not change", + name[0], name[1]); #endif vim_free(s); return; @@ -4507,8 +4509,8 @@ add_termcode(char_u *name, char_u *strin { // Replace old code. #ifdef FEAT_EVAL - ch_log(NULL, "Termcap entry %s was: %s", - name, termcodes[i].code); + ch_log(NULL, "Termcap entry %c%c was: %s", + name[0], name[1], termcodes[i].code); #endif vim_free(termcodes[i].code); --tc_len; @@ -4528,7 +4530,7 @@ add_termcode(char_u *name, char_u *strin } #ifdef FEAT_EVAL - ch_log(NULL, "%s termcap entry %s to %s", action, name, s); + ch_log(NULL, "%s termcap entry %c%c to %s", action, name[0], name[1], s); #endif termcodes[i].name[0] = name[0]; termcodes[i].name[1] = name[1];