47 lines
1.4 KiB
Diff
47 lines
1.4 KiB
Diff
From b9e717367c395490149495cf375911b5d9de889e Mon Sep 17 00:00:00 2001
|
|
From: Bram Moolenaar <Bram@vim.org>
|
|
Date: Sat, 23 Jul 2022 06:53:08 +0100
|
|
Subject: [PATCH] patch 9.0.0060: accessing uninitialized memory when
|
|
completing long line
|
|
|
|
Problem: Accessing uninitialized memory when completing long line.
|
|
Solution: Terminate string with NUL.
|
|
---
|
|
src/insexpand.c | 1 +
|
|
src/testdir/test_ins_complete.vim | 7 +++++++
|
|
2 files changed, 8 insertions(+)
|
|
|
|
diff --git a/src/insexpand.c b/src/insexpand.c
|
|
index b49a631..c505158 100644
|
|
--- a/src/insexpand.c
|
|
+++ b/src/insexpand.c
|
|
@@ -642,6 +642,7 @@ ins_compl_infercase_gettext(
|
|
// growarray. Add the character in the next round.
|
|
if (ga_grow(&gap, IOSIZE) == FAIL)
|
|
return (char_u *)"[failed]";
|
|
+ *p = NUL;
|
|
STRCPY(gap.ga_data, IObuff);
|
|
gap.ga_len = (int)STRLEN(IObuff);
|
|
}
|
|
diff --git a/src/testdir/test_ins_complete.vim b/src/testdir/test_ins_complete.vim
|
|
index 2be6d06..7bebc5d 100644
|
|
--- a/src/testdir/test_ins_complete.vim
|
|
+++ b/src/testdir/test_ins_complete.vim
|
|
@@ -2108,6 +2108,13 @@ func Test_infercase_very_long_line()
|
|
exe "normal 2Go\<C-X>\<C-L>\<Esc>"
|
|
call assert_equal(longLine, getline(3))
|
|
|
|
+ " check that the too long text is NUL terminated
|
|
+ %del
|
|
+ norm o
|
|
+ norm 1987ax
|
|
+ exec "norm ox\<C-X>\<C-L>"
|
|
+ call assert_equal(repeat('x', 1987), getline(3))
|
|
+
|
|
bwipe!
|
|
set noic noinfercase
|
|
endfunc
|
|
--
|
|
1.8.3.1
|
|
|