To: vim_dev@googlegroups.com
Subject: Patch 7.4.2
Fcc: outbox
From: Bram Moolenaar <Bram@moolenaar.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
------------

Patch 7.4.256 (after 7.4.248)
Problem:    Using systemlist() may cause a crash and does not handle NUL
	    characters properly.
Solution:   Increase the reference count, allocate memory by length. (Yasuhiro
	    Matsumoto)
Files:	    src/eval.c


*** ../vim-7.4.255/src/eval.c	2014-04-05 21:28:50.667174384 +0200
--- src/eval.c	2014-04-11 10:10:22.112217827 +0200
***************
*** 18334,18349 ****
  	for (i = 0; i < len; ++i)
  	{
  	    start = res + i;
! 	    for (end = start; i < len && *end != NL; ++end)
  		++i;
  
! 	    s = vim_strnsave(start, (int)(end - start));
  	    if (s == NULL)
  		goto errret;
  
! 	    for (p = s, end = s + (end - start); p < end; ++p)
! 		if (*p == NUL)
! 		    *p = NL;
  
  	    li = listitem_alloc();
  	    if (li == NULL)
--- 18334,18350 ----
  	for (i = 0; i < len; ++i)
  	{
  	    start = res + i;
! 	    while (i < len && res[i] != NL)
  		++i;
+ 	    end = res + i;
  
! 	    s = alloc((unsigned)(end - start + 1));
  	    if (s == NULL)
  		goto errret;
  
! 	    for (p = s; start < end; ++p, ++start)
! 		*p = *start == NUL ? NL : *start;
! 	    *p = NUL;
  
  	    li = listitem_alloc();
  	    if (li == NULL)
***************
*** 18356,18361 ****
--- 18357,18363 ----
  	    list_append(list, li);
  	}
  
+ 	++list->lv_refcount;
  	rettv->v_type = VAR_LIST;
  	rettv->vval.v_list = list;
  	list = NULL;
*** ../vim-7.4.255/src/version.c	2014-04-10 20:00:03.720106386 +0200
--- src/version.c	2014-04-11 09:44:05.208214383 +0200
***************
*** 736,737 ****
--- 736,739 ----
  {   /* Add new patch number below this line */
+ /**/
+     256,
  /**/

-- 
hundred-and-one symptoms of being an internet addict:
46. Your wife makes a new rule: "The computer cannot come to bed."

 /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net   \\\
///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\  an exciting new programming language -- http://www.Zimbu.org        ///
 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///