changeset 2556:e065501c703a vim73

Fix illegal memory access when using expressions in the command line.
author Bram Moolenaar <bram@vim.org>
date Fri, 13 Aug 2010 16:51:26 +0200
parents b2221695af44
children 029ace8dff7d
files runtime/doc/todo.txt src/ex_getln.c
diffstat 2 files changed, 4 insertions(+), 3 deletions(-)
--- a/runtime/doc/todo.txt
+++ b/runtime/doc/todo.txt
@@ -30,8 +30,6 @@ be worked on, but only if you sponsor Vi
 							*known-bugs*
 -------------------- Known bugs and current work -----------------------
 
-Patch for crash with cmdline editing functions. (Dominique Pelle, 2010 Aug 12)
-
 Have a close look at :find completion, anything that could be wrong?
 
 Test 73 fails on MS-Windows when compiled with DJGPP and run twice.  How to
--- a/src/ex_getln.c
+++ b/src/ex_getln.c
@@ -2527,7 +2527,10 @@ realloc_cmdbuff(len)
 	ccline.cmdbuff = p;		/* keep the old one */
 	return FAIL;
     }
-    mch_memmove(ccline.cmdbuff, p, (size_t)ccline.cmdlen + 1);
+    /* There isn't always a NUL after the command, but it may need to be
+     * there, thus copy up to the NUL and add a NUL. */
+    mch_memmove(ccline.cmdbuff, p, (size_t)ccline.cmdlen);
+    ccline.cmdbuff[ccline.cmdlen] = NUL;
     vim_free(p);
 
     if (ccline.xpc != NULL
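Review bot: The new store to ccline.cmdbuff[ccline.cmdlen] is only safe if the freshly allocated buffer holds at least ccline.cmdlen + 1 bytes, and the allocation for realloc_cmdbuff(len) sits above the visible context, so nothing in this hunk shows that len is greater than ccline.cmdlen. Please confirm that every caller guarantees it, or check it before the copy, since otherwise the out-of-bounds read from the old buffer is traded for an out-of-bounds write to the new one. Separately, the comment's "copy up to the NUL" reads as if the copy stops at a terminator, while the code copies exactly ccline.cmdlen bytes; something like "copy cmdlen bytes and append a NUL" would match what the two lines do.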