To: vim_dev@googlegroups.com Subject: Patch 7.3.371 Fcc: outbox From: Bram Moolenaar Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ------------ Patch 7.3.371 Problem: Crash in autocomplete. (Greg Weber) Solution: Check not going over allocated buffer size. Files: src/misc2.c *** ../vim-7.3.370/src/misc2.c 2011-10-26 11:40:56.000000000 +0200 --- src/misc2.c 2011-12-08 17:49:23.000000000 +0100 *************** *** 4293,4298 **** --- 4293,4300 ---- static int ff_path_in_stoplist __ARGS((char_u *, int, char_u **)); #endif + static char_u e_pathtoolong[] = N_("E854: path too long for completion"); + #if 0 /* * if someone likes findfirst/findnext, here are the functions *************** *** 4589,4594 **** --- 4591,4601 ---- len = 0; while (*wc_part != NUL) { + if (len + 5 >= MAXPATHL) + { + EMSG(_(e_pathtoolong)); + break; + } if (STRNCMP(wc_part, "**", 2) == 0) { ff_expand_buffer[len++] = *wc_part++; *************** *** 4634,4639 **** --- 4641,4652 ---- } /* create an absolute path */ + if (STRLEN(search_ctx->ffsc_start_dir) + + STRLEN(search_ctx->ffsc_fix_path) + 3 >= MAXPATHL) + { + EMSG(_(e_pathtoolong)); + goto error_return; + } STRCPY(ff_expand_buffer, search_ctx->ffsc_start_dir); add_pathsep(ff_expand_buffer); STRCAT(ff_expand_buffer, search_ctx->ffsc_fix_path); *** ../vim-7.3.370/src/version.c 2011-12-08 16:00:12.000000000 +0100 --- src/version.c 2011-12-08 17:46:41.000000000 +0100 *************** *** 716,717 **** --- 716,719 ---- { /* Add new patch number below this line */ + /**/ + 371, /**/ -- hundred-and-one symptoms of being an internet addict: 253. You wait for a slow loading web page before going to the toilet. /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ \\\ an exciting new programming language -- http://www.Zimbu.org /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///