rpms / vim

Clone
Source Code
GIT

Blame SOURCES/0001-patch-8.2.4218-illegal-memory-access-with-bracketed-.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta c9s-sig-hyperscale
  1.   c8-beta
  2.   SOURCES
  3.   0001-patch-8.2.4218-illegal-memory-access-with-bracketed-.patch
Blob History Raw
b6500d 
commit ec45bc7682fd698d8d39f43732129c4d092355f3
b6500d 
Author: Tomas Korbar <tkorbar@redhat.com>
b6500d 
Date:   Wed Feb 2 16:30:11 2022 +0100
b6500d
b6500d 
    Fix illegal memory access with bracketed paste in Ex mode
b6500d
b6500d 
diff --git a/src/edit.c b/src/edit.c
b6500d 
index f29fbc7..57b8dce 100644
b6500d 
--- a/src/edit.c
b6500d 
+++ b/src/edit.c
b6500d 
@@ -9519,27 +9519,33 @@ bracketed_paste(paste_mode_T mode, int drop, garray_T *gap)
b6500d 
     int		ret_char = -1;
b6500d 
     int		save_allow_keys = allow_keys;
b6500d 
     int		save_paste = p_paste;
b6500d 
-    int		save_ai = curbuf->b_p_ai;
b6500d
b6500d 
-    /* If the end code is too long we can't detect it, read everything. */
b6500d 
-    if (STRLEN(end) >= NUMBUFLEN)
b6500d 
+    // If the end code is too long we can't detect it, read everything.
b6500d 
+    if (end != NULL && STRLEN(end) >= NUMBUFLEN)
b6500d 
 	end = NULL;
b6500d 
     ++no_mapping;
b6500d 
     allow_keys = 0;
b6500d 
-    p_paste = TRUE;
b6500d 
-    curbuf->b_p_ai = FALSE;
b6500d 
+    if (!p_paste)
b6500d 
+	// Also have the side effects of setting 'paste' to make it work much
b6500d 
+	// faster.
b6500d 
+	set_option_value((char_u *)"paste", TRUE, NULL, 0);
b6500d
b6500d 
     for (;;)
b6500d 
     {
b6500d 
 	/* When the end is not defined read everything. */
b6500d 
 	if (end == NULL && vpeekc() == NUL)
b6500d 
 	    break;
b6500d 
-	c = plain_vgetc();
b6500d 
-#ifdef FEAT_MBYTE
b6500d 
+	do
b6500d 
+	    c = vgetc();
b6500d 
+	while (c == K_IGNORE || c == K_VER_SCROLLBAR || c == K_HOR_SCROLLBAR);
b6500d 
+	if (c == NUL || got_int || (ex_normal_busy > 0 && c == Ctrl_C))
b6500d 
+	    // When CTRL-C was encountered the typeahead will be flushed and we
b6500d 
+	    // won't get the end sequence.  Except when using ":normal".
b6500d 
+	    break;
b6500d 
+
b6500d 
 	if (has_mbyte)
b6500d 
 	    idx += (*mb_char2bytes)(c, buf + idx);
b6500d 
 	else
b6500d 
-#endif
b6500d 
 	    buf[idx++] = c;
b6500d 
 	buf[idx] = NUL;
b6500d 
 	if (end != NULL && STRNCMP(buf, end, idx) == 0)
b6500d 
@@ -9557,7 +9563,8 @@ bracketed_paste(paste_mode_T mode, int drop, garray_T *gap)
b6500d 
 		    break;
b6500d
b6500d 
 		case PASTE_EX:
b6500d 
-		    if (gap != NULL && ga_grow(gap, idx) == OK)
b6500d 
+		    // add one for the NUL that is going to be appended
b6500d 
+		    if (gap != NULL && ga_grow(gap, idx + 1) == OK)
b6500d 
 		    {
b6500d 
 			mch_memmove((char *)gap->ga_data + gap->ga_len,
b6500d 
 							     buf, (size_t)idx);
b6500d 
@@ -9582,11 +9589,9 @@ bracketed_paste(paste_mode_T mode, int drop, garray_T *gap)
b6500d 
 		case PASTE_ONE_CHAR:
b6500d 
 		    if (ret_char == -1)
b6500d 
 		    {
b6500d 
-#ifdef FEAT_MBYTE
b6500d 
 			if (has_mbyte)
b6500d 
 			    ret_char = (*mb_ptr2char)(buf);
b6500d 
 			else
b6500d 
-#endif
b6500d 
 			    ret_char = buf[0];
b6500d 
 		    }
b6500d 
 		    break;
b6500d 
@@ -9597,8 +9602,8 @@ bracketed_paste(paste_mode_T mode, int drop, garray_T *gap)
b6500d
b6500d 
     --no_mapping;
b6500d 
     allow_keys = save_allow_keys;
b6500d 
-    p_paste = save_paste;
b6500d 
-    curbuf->b_p_ai = save_ai;
b6500d 
+    if (!save_paste)
b6500d 
+	set_option_value((char_u *)"paste", FALSE, NULL, 0);
b6500d
b6500d 
     return ret_char;
b6500d 
 }

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation