Mercurial > vim

changeset 4454:44b89b025cdf v7.3.975

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
updated for version 7.3.975 Problem: Crash in regexp parsing. Solution: Correctly compute the end of allocated memory.
author Bram Moolenaar <bram@vim.org>
date Mon, 20 May 2013 13:44:29 +0200
parents f995990e6d46
children 7a8ab72ac35e
files src/regexp_nfa.c src/version.c
diffstat 2 files changed, 9 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/src/regexp_nfa.c
+++ b/src/regexp_nfa.c
@@ -231,14 +231,19 @@ nfa_regcomp_start(expr, re_flags)
     /* A reasonable estimation for size */
     nstate_max = (STRLEN(expr) + 1) * NFA_POSTFIX_MULTIPLIER;
 
-    /* Size for postfix representation of expr */
+    /* Some items blow up in size, such as [A-z].  Add more space for that.
+     * TODO: some patterns may still fail. */
+//    nstate_max += 1000;
+
+    /* Size for postfix representation of expr. */
     postfix_size = sizeof(*post_start) * nstate_max;
+
     post_start = (int *)lalloc(postfix_size, TRUE);
     if (post_start == NULL)
 	return FAIL;
     vim_memset(post_start, 0, postfix_size);
     post_ptr = post_start;
-    post_end = post_start + postfix_size;
+    post_end = post_start + nstate_max;
     nfa_has_zend = FALSE;
 
     regcomp_start(expr, re_flags);
--- a/src/version.c
+++ b/src/version.c
@@ -729,6 +729,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    975,
+/**/
     974,
 /**/
     973,