To: vim-dev@vim.org
Subject: Patch 7.2.279
Fcc: outbox
From: Bram Moolenaar <Bram@moolenaar.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
------------
Patch 7.2.279
Problem: Invalid memory read with visual mode "r". (Dominique Pelle)
Solution: Make sure the cursor position is valid. Don't check the cursor
position but the position being used. And make sure we get the
right line.
Files: src/misc2.c, src/ops.c
*** ../vim-7.2.278/src/misc2.c 2009-05-16 21:06:36.000000000 +0200
--- src/misc2.c 2009-11-03 16:43:10.000000000 +0100
***************
*** 156,162 ****
|| ((ve_flags & VE_ONEMORE) && wcol < MAXCOL)
#endif
;
! line = ml_get_curline();
if (wcol >= MAXCOL)
{
--- 156,162 ----
|| ((ve_flags & VE_ONEMORE) && wcol < MAXCOL)
#endif
;
! line = ml_get_buf(curbuf, pos->lnum, FALSE);
if (wcol >= MAXCOL)
{
***************
*** 332,340 ****
#endif
#ifdef FEAT_MBYTE
! /* prevent cursor from moving on the trail byte */
if (has_mbyte)
! mb_adjust_cursor();
#endif
if (col < wcol)
--- 332,340 ----
#endif
#ifdef FEAT_MBYTE
! /* prevent from moving onto a trail byte */
if (has_mbyte)
! mb_adjustpos(pos);
#endif
if (col < wcol)
*** ../vim-7.2.278/src/ops.c 2009-09-30 15:15:33.000000000 +0200
--- src/ops.c 2009-11-03 15:18:50.000000000 +0100
***************
*** 2020,2025 ****
--- 2020,2026 ----
bd.is_MAX = (curwin->w_curswant == MAXCOL);
for ( ; curwin->w_cursor.lnum <= oap->end.lnum; ++curwin->w_cursor.lnum)
{
+ curwin->w_cursor.col = 0; /* make sure cursor position is valid */
block_prep(oap, &bd, curwin->w_cursor.lnum, TRUE);
if (bd.textlen == 0 && (!virtual_op || bd.is_MAX))
continue; /* nothing to replace */
***************
*** 2035,2040 ****
--- 2036,2042 ----
{
pos_T vpos;
+ vpos.lnum = curwin->w_cursor.lnum;
getvpos(&vpos, oap->start_vcol);
bd.startspaces += vpos.coladd;
n = bd.startspaces;
***************
*** 2693,2703 ****
* initial coladd offset as part of "startspaces" */
if (bd.is_short)
{
! linenr_T lnum = curwin->w_cursor.lnum;
!
! curwin->w_cursor.lnum = linenr;
(void)getvpos(&vpos, oap->start_vcol);
- curwin->w_cursor.lnum = lnum;
}
else
vpos.coladd = 0;
--- 2695,2702 ----
* initial coladd offset as part of "startspaces" */
if (bd.is_short)
{
! vpos.lnum = linenr;
(void)getvpos(&vpos, oap->start_vcol);
}
else
vpos.coladd = 0;
*** ../vim-7.2.278/src/version.c 2009-11-03 16:29:48.000000000 +0100
--- src/version.c 2009-11-03 16:41:53.000000000 +0100
***************
*** 678,679 ****
--- 678,681 ----
{ /* Add new patch number below this line */
+ /**/
+ 279,
/**/
--
BEDEVERE: How do you know so much about swallows?
ARTHUR: Well you have to know these things when you're a king, you know.
"Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD
/// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ download, build and distribute -- http://www.A-A-P.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///