To: vim_dev@googlegroups.com Subject: Patch 8.1.1344 Fcc: outbox From: Bram Moolenaar Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ------------ Patch 8.1.1344 Problem: Coverity complains about possibly using a NULL pointer and copying a string into a fixed size buffer. Solution: Check for NULL, even though it should not happen. Use vim_strncpy() instead of strcpy(). Files: src/change.c, src/memline.c *** ../vim-8.1.1343/src/change.c 2019-05-16 22:11:43.715228803 +0200 --- src/change.c 2019-05-18 12:57:47.900688848 +0200 *************** *** 193,204 **** // can be merged. di = dict_find(li->li_tv.vval.v_dict, (char_u *)"end", -1); ! nr = tv_get_number(&di->di_tv); ! if (lnume > nr) ! di->di_tv.vval.v_number = lnume; di = dict_find(li->li_tv.vval.v_dict, (char_u *)"added", -1); ! di->di_tv.vval.v_number += xtra; return TRUE; } } --- 193,208 ---- // can be merged. di = dict_find(li->li_tv.vval.v_dict, (char_u *)"end", -1); ! if (di != NULL) ! { ! nr = tv_get_number(&di->di_tv); ! if (lnume > nr) ! di->di_tv.vval.v_number = lnume; ! } di = dict_find(li->li_tv.vval.v_dict, (char_u *)"added", -1); ! if (di != NULL) ! di->di_tv.vval.v_number += xtra; return TRUE; } } *** ../vim-8.1.1343/src/memline.c 2019-05-16 22:11:43.715228803 +0200 --- src/memline.c 2019-05-18 13:00:57.263700482 +0200 *************** *** 1874,1880 **** } } ! /* check for out-of-memory */ for (i = 0; i < num_names; ++i) { if (names[i] == NULL) --- 1874,1880 ---- } } ! // check for out-of-memory for (i = 0; i < num_names; ++i) { if (names[i] == NULL) *************** *** 2101,2107 **** # endif /* MSVC returns NULL for an invalid value of seconds. */ if (curtime == NULL) ! STRCPY(buf, _("(Invalid)")); else (void)strftime(buf, sizeof(buf) - 1, "%a %b %d %H:%M:%S %Y", curtime); #else --- 2101,2107 ---- # endif /* MSVC returns NULL for an invalid value of seconds. */ if (curtime == NULL) ! vim_strncpy((char_u *)buf, (char_u *)_("(Invalid)"), sizeof(buf) - 1); else (void)strftime(buf, sizeof(buf) - 1, "%a %b %d %H:%M:%S %Y", curtime); #else *************** *** 3374,3380 **** if (newline != NULL) { mch_memmove(newline, line, len); ! mch_memmove(newline + len, curbuf->b_ml.ml_line_ptr + oldtextlen, textproplen); vim_free(line); line = newline; len += (colnr_T)textproplen; --- 3374,3381 ---- if (newline != NULL) { mch_memmove(newline, line, len); ! mch_memmove(newline + len, curbuf->b_ml.ml_line_ptr ! + oldtextlen, textproplen); vim_free(line); line = newline; len += (colnr_T)textproplen; *** ../vim-8.1.1343/src/version.c 2019-05-17 22:57:06.940157515 +0200 --- src/version.c 2019-05-18 13:04:34.158541027 +0200 *************** *** 769,770 **** --- 769,772 ---- { /* Add new patch number below this line */ + /**/ + 1344, /**/ -- Our job was to build a computer information system for the branch banks. We were the perfect people for the job: Dean had seen a computer once, and I had heard Dean talk about it. (Scott Adams - The Dilbert principle) /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ \\\ an exciting new programming language -- http://www.Zimbu.org /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///