To: vim_dev@googlegroups.com
Subject: Patch 7.4.624
Fcc: outbox
From: Bram Moolenaar <Bram@moolenaar.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
------------
Patch 7.4.624
Problem:    May leak memory or crash when vim_realloc() returns NULL.
Solution:   Handle a NULL value properly. (Mike Williams)
Files:	    src/if_cscope.c, src/memline.c, src/misc1.c, src/netbeans.c
*** ../vim-7.4.623/src/if_cscope.c	2014-12-13 03:20:10.539067382 +0100
Karsten Hopp 9637f2
--- src/if_cscope.c	2015-02-10 18:33:14.764816257 +0100
Karsten Hopp 9637f2
***************
Karsten Hopp 9637f2
*** 1507,1515 ****
Karsten Hopp 9637f2
--- 1507,1522 ----
Karsten Hopp 9637f2
  	}
Karsten Hopp 9637f2
  	else
Karsten Hopp 9637f2
  	{
Karsten Hopp 9637f2
+ 	    csinfo_T *t_csinfo = csinfo;
Karsten Hopp 9637f2
+ 
Karsten Hopp 9637f2
  	    /* Reallocate space for more connections. */
Karsten Hopp 9637f2
  	    csinfo_size *= 2;
Karsten Hopp 9637f2
  	    csinfo = vim_realloc(csinfo, sizeof(csinfo_T)*csinfo_size);
Karsten Hopp 9637f2
+ 	    if (csinfo == NULL)
Karsten Hopp 9637f2
+ 	    {
Karsten Hopp 9637f2
+ 		vim_free(t_csinfo);
Karsten Hopp 9637f2
+ 		csinfo_size = 0;
Karsten Hopp 9637f2
+ 	    }
Karsten Hopp 9637f2
  	}
Karsten Hopp 9637f2
  	if (csinfo == NULL)
Karsten Hopp 9637f2
  	    return -1;
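Review bot: In the new `if (csinfo == NULL)` branch the old array is released even though a failed reallocation leaves it intact (assuming vim_realloc() follows realloc() semantics, which the saved `t_csinfo` pointer implies), so every existing entry is dropped on an out-of-memory condition. Whatever each csinfo_T entry owns is not visible here and would presumably be orphaned by the wholesale `vim_free(t_csinfo)`. Keeping the old table loses nothing and still reports the failure: `csinfo = t_csinfo; csinfo_size /= 2; return -1;`. The same choice is made for `buf_list`, `globalsignmap` and `buf->signmap` in the src/netbeans.c hunks. The enclosing function starts and ends outside the hunk.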
Karsten Hopp 9637f2
***************
Karsten Hopp 9637f2
*** 2059,2064 ****
Karsten Hopp 9637f2
--- 2066,2072 ----
Karsten Hopp 9637f2
      int num_matches;
Karsten Hopp 9637f2
  {
Karsten Hopp 9637f2
      char	*buf = NULL;
Karsten Hopp 9637f2
+     char	*t_buf;
Karsten Hopp 9637f2
      int		bufsize = 0; /* Track available bufsize */
Karsten Hopp 9637f2
      int		newsize = 0;
Karsten Hopp 9637f2
      char	*ptag;
Karsten Hopp 9637f2
***************
Karsten Hopp 9637f2
*** 2120,2128 ****
Karsten Hopp 9637f2
--- 2128,2140 ----
Karsten Hopp 9637f2
  	newsize = (int)(strlen(csfmt_str) + 16 + strlen(lno));
Karsten Hopp 9637f2
  	if (bufsize < newsize)
Karsten Hopp 9637f2
  	{
Karsten Hopp 9637f2
+ 	    t_buf = buf;
Karsten Hopp 9637f2
  	    buf = (char *)vim_realloc(buf, newsize);
Karsten Hopp 9637f2
  	    if (buf == NULL)
Karsten Hopp 9637f2
+ 	    {
Karsten Hopp 9637f2
  		bufsize = 0;
Karsten Hopp 9637f2
+ 		vim_free(t_buf);
Karsten Hopp 9637f2
+ 	    }
Karsten Hopp 9637f2
  	    else
Karsten Hopp 9637f2
  		bufsize = newsize;
Karsten Hopp 9637f2
  	}
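Review bot: The save/realloc/free-on-failure sequence added here is repeated verbatim in the next hunk (the second `if (bufsize < newsize)` block), so the two copies can drift apart in later edits. A small file-local helper that returns the new capacity, or 0 after releasing the old block, would reduce each call site to a single assignment and make the function-scope `t_buf` declared in the earlier hunk unnecessary. The helper name below is a placeholder. The enclosing function starts and ends outside these hunks.

```c
/* Proposed helper; "cs_grow_buf" is a placeholder name.
 * Grow *bufp to "newsize" bytes.  Returns the new capacity, or 0 after
 * freeing the old block when the reallocation fails (*bufp is then NULL). */
    static int
cs_grow_buf(bufp, newsize)
    char	**bufp;
    int		newsize;
{
    char	*t_buf = *bufp;

    *bufp = (char *)vim_realloc(t_buf, newsize);
    if (*bufp == NULL)
    {
	vim_free(t_buf);
	return 0;
    }
    return newsize;
}

/* ... unchanged: newsize computation ... */
	if (bufsize < newsize)
	    bufsize = cs_grow_buf(&buf, newsize);
```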
Karsten Hopp 9637f2
***************
Karsten Hopp 9637f2
*** 2143,2151 ****
Karsten Hopp 9637f2
--- 2155,2167 ----
Karsten Hopp 9637f2
  
Karsten Hopp 9637f2
  	if (bufsize < newsize)
Karsten Hopp 9637f2
  	{
Karsten Hopp 9637f2
+ 	    t_buf = buf;
Karsten Hopp 9637f2
  	    buf = (char *)vim_realloc(buf, newsize);
Karsten Hopp 9637f2
  	    if (buf == NULL)
Karsten Hopp 9637f2
+ 	    {
Karsten Hopp 9637f2
  		bufsize = 0;
Karsten Hopp 9637f2
+ 		vim_free(t_buf);
Karsten Hopp 9637f2
+ 	    }
Karsten Hopp 9637f2
  	    else
Karsten Hopp 9637f2
  		bufsize = newsize;
Karsten Hopp 9637f2
  	}
Karsten Hopp 9637f2
*** ../vim-7.4.623/src/memline.c	2014-08-13 21:58:24.824885492 +0200
Karsten Hopp 9637f2
--- src/memline.c	2015-02-10 18:26:23.158126542 +0100
Karsten Hopp 9637f2
***************
Karsten Hopp 9637f2
*** 5057,5062 ****
Karsten Hopp 9637f2
--- 5057,5064 ----
Karsten Hopp 9637f2
  	/* May resize here so we don't have to do it in both cases below */
Karsten Hopp 9637f2
  	if (buf->b_ml.ml_usedchunks + 1 >= buf->b_ml.ml_numchunks)
Karsten Hopp 9637f2
  	{
Karsten Hopp 9637f2
+ 	    chunksize_T *t_chunksize = buf->b_ml.ml_chunksize;
Karsten Hopp 9637f2
+ 
Karsten Hopp 9637f2
  	    buf->b_ml.ml_numchunks = buf->b_ml.ml_numchunks * 3 / 2;
Karsten Hopp 9637f2
  	    buf->b_ml.ml_chunksize = (chunksize_T *)
Karsten Hopp 9637f2
  		vim_realloc(buf->b_ml.ml_chunksize,
Karsten Hopp 9637f2
***************
Karsten Hopp 9637f2
*** 5064,5069 ****
Karsten Hopp 9637f2
--- 5066,5072 ----
Karsten Hopp 9637f2
  	    if (buf->b_ml.ml_chunksize == NULL)
Karsten Hopp 9637f2
  	    {
Karsten Hopp 9637f2
  		/* Hmmmm, Give up on offset for this buffer */
Karsten Hopp 9637f2
+ 		vim_free(t_chunksize);
Karsten Hopp 9637f2
  		buf->b_ml.ml_usedchunks = -1;
Karsten Hopp 9637f2
  		return;
Karsten Hopp 9637f2
  	    }
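Review bot: The failure branch frees the saved block but leaves `buf->b_ml.ml_numchunks` at the value enlarged just before the vim_realloc() call in the preceding hunk, so the count no longer matches the now-NULL `ml_chunksize`. The other sites touched by this patch zero their size counter on failure; adding `buf->b_ml.ml_numchunks = 0;` here keeps the pair consistent. If `ml_usedchunks == -1` is intended to guard every later access to the table, a short comment stating that next to the assignment would serve the same purpose. The function body extends beyond the hunk, so whether later code relies on that sentinel cannot be confirmed from here.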
Karsten Hopp 9637f2
*** ../vim-7.4.623/src/misc1.c	2014-08-29 12:58:38.246430208 +0200
Karsten Hopp 9637f2
--- src/misc1.c	2015-02-10 18:26:35.405968505 +0100
Karsten Hopp 9637f2
***************
Karsten Hopp 9637f2
*** 3431,3440 ****
Karsten Hopp 9637f2
--- 3431,3444 ----
Karsten Hopp 9637f2
  	    buf = alloc(buflen);
Karsten Hopp 9637f2
  	else if (maxlen < 10)
Karsten Hopp 9637f2
  	{
Karsten Hopp 9637f2
+ 	    char_u  *t_buf = buf;
Karsten Hopp 9637f2
+ 
Karsten Hopp 9637f2
  	    /* Need some more space. This might happen when receiving a long
Karsten Hopp 9637f2
  	     * escape sequence. */
Karsten Hopp 9637f2
  	    buflen += 100;
Karsten Hopp 9637f2
  	    buf = vim_realloc(buf, buflen);
Karsten Hopp 9637f2
+ 	    if (buf == NULL)
Karsten Hopp 9637f2
+ 		vim_free(t_buf);
Karsten Hopp 9637f2
  	    maxlen = (buflen - 6 - len) / 3;
Karsten Hopp 9637f2
  	}
Karsten Hopp 9637f2
  	if (buf == NULL)
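Review bot: The new `if (buf == NULL) vim_free(t_buf);` carries no comment explaining why a second pointer is kept, and the reason is easy to lose in a later cleanup. I would add `/* a failed vim_realloc() leaves the old block allocated; free it here */` above the check. Note also that `buflen` has already been increased by 100 and `maxlen` is recomputed from it on the failure path as well; what the trailing `if (buf == NULL)` does with those values lies outside the hunk.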
Karsten Hopp 9637f2
*** ../vim-7.4.623/src/netbeans.c	2014-03-23 15:12:29.927264336 +0100
Karsten Hopp 9637f2
--- src/netbeans.c	2015-02-10 18:27:18.693409965 +0100
Karsten Hopp 9637f2
***************
Karsten Hopp 9637f2
*** 1080,1089 ****
Karsten Hopp 9637f2
--- 1080,1097 ----
Karsten Hopp 9637f2
      {
Karsten Hopp 9637f2
  	if (bufno >= buf_list_size) /* grow list */
Karsten Hopp 9637f2
  	{
Karsten Hopp 9637f2
+ 	    nbbuf_T *t_buf_list = buf_list;
Karsten Hopp 9637f2
+ 
Karsten Hopp 9637f2
  	    incr = bufno - buf_list_size + 90;
Karsten Hopp 9637f2
  	    buf_list_size += incr;
Karsten Hopp 9637f2
  	    buf_list = (nbbuf_T *)vim_realloc(
Karsten Hopp 9637f2
  				   buf_list, buf_list_size * sizeof(nbbuf_T));
Karsten Hopp 9637f2
+ 	    if (buf_list == NULL)
Karsten Hopp 9637f2
+ 	    {
Karsten Hopp 9637f2
+ 		vim_free(t_buf_list);
Karsten Hopp 9637f2
+ 		buf_list_size = 0;
Karsten Hopp 9637f2
+ 		return NULL;
Karsten Hopp 9637f2
+ 	    }
Karsten Hopp 9637f2
  	    vim_memset(buf_list + buf_list_size - incr, 0,
Karsten Hopp 9637f2
  						      incr * sizeof(nbbuf_T));
Karsten Hopp 9637f2
  	}
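Review bot: Nothing in this hunk bounds `bufno` before `incr = bufno - buf_list_size + 90` and `buf_list_size * sizeof(nbbuf_T)` are computed, so the size requested from vim_realloc() scales directly with it. If `bufno` is taken from a NetBeans protocol message (likely given the file, but not visible here), one oversized value is enough to reach the failure path, which after this patch frees the whole list and resets `buf_list_size`. An upper-bound check ahead of the growth, such as `if (bufno >= NB_MAX_BUFNO) return NULL;` with `NB_MAX_BUFNO` standing in for a project-chosen limit, would keep both the `int` arithmetic and the allocation in range. The enclosing function starts before the hunk.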
Karsten Hopp 9637f2
***************
Karsten Hopp 9637f2
*** 3678,3688 ****
Karsten Hopp 9637f2
--- 3686,3703 ----
Karsten Hopp 9637f2
  	    {
Karsten Hopp 9637f2
  		int incr;
Karsten Hopp 9637f2
  		int oldlen = globalsignmaplen;
Karsten Hopp 9637f2
+ 		char **t_globalsignmap = globalsignmap;
Karsten Hopp 9637f2
  
Karsten Hopp 9637f2
  		globalsignmaplen *= 2;
Karsten Hopp 9637f2
  		incr = globalsignmaplen - oldlen;
Karsten Hopp 9637f2
  		globalsignmap = (char **)vim_realloc(globalsignmap,
Karsten Hopp 9637f2
  					   globalsignmaplen * sizeof(char *));
Karsten Hopp 9637f2
+ 		if (globalsignmap == NULL)
Karsten Hopp 9637f2
+ 		{
Karsten Hopp 9637f2
+ 		    vim_free(t_globalsignmap);
Karsten Hopp 9637f2
+ 		    globalsignmaplen = 0;
Karsten Hopp 9637f2
+ 		    return;
Karsten Hopp 9637f2
+ 		}
Karsten Hopp 9637f2
  		vim_memset(globalsignmap + oldlen, 0, incr * sizeof(char *));
Karsten Hopp 9637f2
  	    }
Karsten Hopp 9637f2
  	}
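Review bot: Setting `globalsignmaplen = 0` on failure means a later pass through this branch computes `globalsignmaplen *= 2` as 0, so `incr` is 0 and vim_realloc() is asked for zero bytes, whose result is implementation-defined. Whether the branch can be reached with a zero length depends on the condition above the hunk, and any separate in-use counter kept for the table (not visible) would be stale once the array is NULL. Restoring the previous state avoids both questions: `globalsignmap = t_globalsignmap; globalsignmaplen = oldlen; return;`. The `buf->signmaplen = 0` branch in the next hunk has the same shape.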
Karsten Hopp 9637f2
***************
Karsten Hopp 9637f2
*** 3708,3718 ****
Karsten Hopp 9637f2
--- 3723,3740 ----
Karsten Hopp 9637f2
  	{
Karsten Hopp 9637f2
  	    int incr;
Karsten Hopp 9637f2
  	    int oldlen = buf->signmaplen;
Karsten Hopp 9637f2
+ 	    int *t_signmap = buf->signmap;
Karsten Hopp 9637f2
  
Karsten Hopp 9637f2
  	    buf->signmaplen *= 2;
Karsten Hopp 9637f2
  	    incr = buf->signmaplen - oldlen;
Karsten Hopp 9637f2
  	    buf->signmap = (int *)vim_realloc(buf->signmap,
Karsten Hopp 9637f2
  					       buf->signmaplen * sizeof(int));
Karsten Hopp 9637f2
+ 	    if (buf->signmap == NULL)
Karsten Hopp 9637f2
+ 	    {
Karsten Hopp 9637f2
+ 		vim_free(t_signmap);
Karsten Hopp 9637f2
+ 		buf->signmaplen = 0;
Karsten Hopp 9637f2
+ 		return;
Karsten Hopp 9637f2
+ 	    }
Karsten Hopp 9637f2
  	    vim_memset(buf->signmap + oldlen, 0, incr * sizeof(int));
Karsten Hopp 9637f2
  	}
Karsten Hopp 9637f2
      }
Karsten Hopp 9637f2
*** ../vim-7.4.623/src/version.c	2015-02-10 18:18:13.004452406 +0100
Karsten Hopp 9637f2
--- src/version.c	2015-02-10 18:21:29.697913596 +0100
Karsten Hopp 9637f2
***************
Karsten Hopp 9637f2
*** 743,744 ****
Karsten Hopp 9637f2
--- 743,746 ----
Karsten Hopp 9637f2
  {   /* Add new patch number below this line */
Karsten Hopp 9637f2
+ /**/
Karsten Hopp 9637f2
+     624,
Karsten Hopp 9637f2
  /**/
-- 
hundred-and-one symptoms of being an internet addict:
211. Your husband leaves you...taking the computer with him and you
     call him crying, and beg him to bring the computer back.
 /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net   \\\
///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\  an exciting new programming language -- http://www.Zimbu.org        ///
 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///