| To: vim-dev@vim.org |
| Subject: patch 7.1.087 |
| Fcc: outbox |
| From: Bram Moolenaar <Bram@moolenaar.net> |
| Mime-Version: 1.0 |
| Content-Type: text/plain; charset=ISO-8859-1 |
| Content-Transfer-Encoding: 8bit |
| |
| |
| Patch 7.1.087 |
| Problem: Reading past ":cscope find" command. Writing past end of a buffer. |
| Solution: Check length of the argument before using the pattern. Use |
| vim_strncpy(). (Dominique Pelle) |
| Files: if_cscope.c |
| |
| |
| |
| |
| |
| *** 73,78 **** |
| --- 73,80 ---- |
| |
| |
| static csinfo_T csinfo[CSCOPE_MAX_CONNECTIONS]; |
| + static int eap_arg_len; /* length of eap->arg, set in |
| + cs_lookup_cmd() */ |
| static cscmd_T cs_cmds[] = |
| { |
| { "add", cs_add, |
| |
| *** 260,273 **** |
| |
| if ((p = cs_manage_matches(NULL, NULL, -1, Get)) == NULL) |
| return TRUE; |
| ! |
| ! if ((int)strlen(p) > size) |
| ! { |
| ! strncpy((char *)buf, p, size - 1); |
| ! buf[size] = '\0'; |
| ! } |
| ! else |
| ! (void)strcpy((char *)buf, p); |
| |
| return FALSE; |
| } /* cs_fgets */ |
| --- 262,268 ---- |
| |
| if ((p = cs_manage_matches(NULL, NULL, -1, Get)) == NULL) |
| return TRUE; |
| ! vim_strncpy(buf, (char_u *)p, size - 1); |
| |
| return FALSE; |
| } /* cs_fgets */ |
| |
| *** 386,392 **** |
| * PRIVATE: cs_add |
| * |
| * add cscope database or a directory name (to look for cscope.out) |
| ! * the the cscope connection list |
| * |
| * MAXPATHL 256 |
| */ |
| --- 381,387 ---- |
| * PRIVATE: cs_add |
| * |
| * add cscope database or a directory name (to look for cscope.out) |
| ! * to the cscope connection list |
| * |
| * MAXPATHL 256 |
| */ |
| |
| *** 966,972 **** |
| } |
| |
| pat = opt + strlen(opt) + 1; |
| ! if (pat == NULL || (pat != NULL && pat[0] == '\0')) |
| { |
| cs_usage_msg(Find); |
| return FALSE; |
| --- 961,967 ---- |
| } |
| |
| pat = opt + strlen(opt) + 1; |
| ! if (pat >= (char *)eap->arg + eap_arg_len) |
| { |
| cs_usage_msg(Find); |
| return FALSE; |
| |
| *** 1317,1323 **** |
| #else |
| /* compare pathnames first */ |
| && ((fullpathcmp(csinfo[j].fname, fname, FALSE) & FPC_SAME) |
| ! /* if not Windows 9x, test index file atributes too */ |
| || (!mch_windows95() |
| && csinfo[j].nVolume == bhfi.dwVolumeSerialNumber |
| && csinfo[j].nIndexHigh == bhfi.nFileIndexHigh |
| --- 1312,1318 ---- |
| #else |
| /* compare pathnames first */ |
| && ((fullpathcmp(csinfo[j].fname, fname, FALSE) & FPC_SAME) |
| ! /* if not Windows 9x, test index file attributes too */ |
| || (!mch_windows95() |
| && csinfo[j].nVolume == bhfi.dwVolumeSerialNumber |
| && csinfo[j].nIndexHigh == bhfi.nFileIndexHigh |
| |
| *** 1401,1406 **** |
| --- 1396,1404 ---- |
| if (eap->arg == NULL) |
| return NULL; |
| |
| + /* Store length of eap->arg before it gets modified by strtok(). */ |
| + eap_arg_len = STRLEN(eap->arg); |
| + |
| if ((stok = strtok((char *)(eap->arg), (const char *)" ")) == NULL) |
| return NULL; |
| |
| |
| *** 2195,2201 **** |
| cs_add_common(dblist[i], pplist[i], fllist[i]); |
| if (p_csverbose) |
| { |
| ! /* dont' use smsg_attr because want to display |
| * connection number in the same line as |
| * "Added cscope database..." |
| */ |
| --- 2193,2199 ---- |
| cs_add_common(dblist[i], pplist[i], fllist[i]); |
| if (p_csverbose) |
| { |
| ! /* don't use smsg_attr() because we want to display the |
| * connection number in the same line as |
| * "Added cscope database..." |
| */ |
| |
| |
| |
| *** 668,669 **** |
| --- 668,671 ---- |
| { /* Add new patch number below this line */ |
| + /**/ |
| + 87, |
| /**/ |
| |
| -- |
| hundred-and-one symptoms of being an internet addict: |
| 223. You set up a web-cam as your home's security system. |
| |
| /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ |
| /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ |
| \\\ download, build and distribute -- http://www.A-A-P.org /// |
| \\\ help me help AIDS victims -- http://ICCF-Holland.org /// |