To: vim_dev@googlegroups.com
Subject: Patch 7.3.648
Fcc: outbox
From: Bram Moolenaar <Bram@moolenaar.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
------------
Patch 7.3.648
Problem: Crash when using a very long file name. (ZyX)
Solution: Properly check length of buffer space.
Files: src/buffer.c
*** ../vim-7.3.647/src/buffer.c 2012-07-16 17:31:48.000000000 +0200
--- src/buffer.c 2012-09-05 13:17:38.000000000 +0200
***************
*** 3234,3245 ****
{
/* format: "fname + (path) (1 of 2) - VIM" */
if (curbuf->b_fname == NULL)
! vim_strncpy(buf, (char_u *)_("[No Name]"), IOSIZE - 100);
else
{
p = transstr(gettail(curbuf->b_fname));
! vim_strncpy(buf, p, IOSIZE - 100);
vim_free(p);
}
--- 3234,3248 ----
{
/* format: "fname + (path) (1 of 2) - VIM" */
+ #define SPACE_FOR_FNAME (IOSIZE - 100)
+ #define SPACE_FOR_DIR (IOSIZE - 20)
+ #define SPACE_FOR_ARGNR (IOSIZE - 10) /* at least room for " - VIM" */
if (curbuf->b_fname == NULL)
! vim_strncpy(buf, (char_u *)_("[No Name]"), SPACE_FOR_FNAME);
else
{
p = transstr(gettail(curbuf->b_fname));
! vim_strncpy(buf, p, SPACE_FOR_FNAME);
vim_free(p);
}
***************
*** 3263,3269 ****
buf[off++] = ' ';
buf[off++] = '(';
home_replace(curbuf, curbuf->b_ffname,
! buf + off, IOSIZE - off, TRUE);
#ifdef BACKSLASH_IN_FILENAME
/* avoid "c:/name" to be reduced to "c" */
if (isalpha(buf[off]) && buf[off + 1] == ':')
--- 3266,3272 ----
buf[off++] = ' ';
buf[off++] = '(';
home_replace(curbuf, curbuf->b_ffname,
! buf + off, SPACE_FOR_DIR - off, TRUE);
#ifdef BACKSLASH_IN_FILENAME
/* avoid "c:/name" to be reduced to "c" */
if (isalpha(buf[off]) && buf[off + 1] == ':')
***************
*** 3274,3291 ****
if (p == buf + off)
/* must be a help buffer */
vim_strncpy(buf + off, (char_u *)_("help"),
! (size_t)(IOSIZE - off - 1));
else
*p = NUL;
! /* translate unprintable chars */
! p = transstr(buf + off);
! vim_strncpy(buf + off, p, (size_t)(IOSIZE - off - 1));
! vim_free(p);
STRCAT(buf, ")");
}
! append_arg_number(curwin, buf, IOSIZE, FALSE);
#if defined(FEAT_CLIENTSERVER)
if (serverName != NULL)
--- 3277,3304 ----
if (p == buf + off)
/* must be a help buffer */
vim_strncpy(buf + off, (char_u *)_("help"),
! (size_t)(SPACE_FOR_DIR - off - 1));
else
*p = NUL;
! /* Translate unprintable chars and concatenate. Keep some
! * room for the server name. When there is no room (very long
! * file name) use (...). */
! if (off < SPACE_FOR_DIR)
! {
! p = transstr(buf + off);
! vim_strncpy(buf + off, p, (size_t)(SPACE_FOR_DIR - off));
! vim_free(p);
! }
! else
! {
! vim_strncpy(buf + off, (char_u *)"...",
! (size_t)(SPACE_FOR_ARGNR - off));
! }
STRCAT(buf, ")");
}
! append_arg_number(curwin, buf, SPACE_FOR_ARGNR, FALSE);
#if defined(FEAT_CLIENTSERVER)
if (serverName != NULL)
*** ../vim-7.3.647/src/version.c 2012-09-05 12:16:40.000000000 +0200
--- src/version.c 2012-09-05 13:29:53.000000000 +0200
***************
*** 721,722 ****
--- 721,724 ----
{ /* Add new patch number below this line */
+ /**/
+ 648,
/**/
--
Q: How does a UNIX Guru do Sex ?
A: unzip;strip;touch;finger;mount;fsck;more;yes;umount;sleep
/// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///