To: vim_dev@googlegroups.com Subject: Patch 8.2.3331 Fcc: outbox From: Bram Moolenaar Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ------------ Patch 8.2.3331 Problem: Coverity warns for using value without boundary check. Solution: Add a boundary check. Files: src/viminfo.c *** ../vim-8.2.3330/src/viminfo.c 2021-08-08 15:43:30.109238223 +0200 --- src/viminfo.c 2021-08-11 17:13:44.532663626 +0200 *************** *** 253,269 **** int off, // offset for virp->vir_line int convert UNUSED) // convert the string { ! char_u *retval; char_u *s, *d; long len; if (virp->vir_line[off] == Ctrl_V && vim_isdigit(virp->vir_line[off + 1])) { len = atol((char *)virp->vir_line + off + 1); ! retval = lalloc(len, TRUE); if (retval == NULL) { ! // Line too long? File messed up? Skip next line. (void)vim_fgets(virp->vir_line, 10, virp->vir_fd); return NULL; } --- 253,270 ---- int off, // offset for virp->vir_line int convert UNUSED) // convert the string { ! char_u *retval = NULL; char_u *s, *d; long len; if (virp->vir_line[off] == Ctrl_V && vim_isdigit(virp->vir_line[off + 1])) { len = atol((char *)virp->vir_line + off + 1); ! if (len > 0 && len < 1000000) ! retval = lalloc(len, TRUE); if (retval == NULL) { ! // Invalid length, line too long, out of memory? Skip next line. (void)vim_fgets(virp->vir_line, 10, virp->vir_fd); return NULL; } *** ../vim-8.2.3330/src/version.c 2021-08-11 17:01:41.614253926 +0200 --- src/version.c 2021-08-11 17:13:07.540763021 +0200 *************** *** 757,758 **** --- 757,760 ---- { /* Add new patch number below this line */ + /**/ + 3331, /**/ -- There are three kinds of people: Those who can count & those who can't. /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// \\\ \\\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///