To: vim_dev@googlegroups.com Subject: Patch 7.3.648 Fcc: outbox From: Bram Moolenaar <Bram@moolenaar.net> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ------------ Patch 7.3.648 Problem: Crash when using a very long file name. (ZyX) Solution: Properly check length of buffer space. Files: src/buffer.c *** ../vim-7.3.647/src/buffer.c 2012-07-16 17:31:48.000000000 +0200 --- src/buffer.c 2012-09-05 13:17:38.000000000 +0200 *************** *** 3234,3245 **** { /* format: "fname + (path) (1 of 2) - VIM" */ if (curbuf->b_fname == NULL) ! vim_strncpy(buf, (char_u *)_("[No Name]"), IOSIZE - 100); else { p = transstr(gettail(curbuf->b_fname)); ! vim_strncpy(buf, p, IOSIZE - 100); vim_free(p); } --- 3234,3248 ---- { /* format: "fname + (path) (1 of 2) - VIM" */ + #define SPACE_FOR_FNAME (IOSIZE - 100) + #define SPACE_FOR_DIR (IOSIZE - 20) + #define SPACE_FOR_ARGNR (IOSIZE - 10) /* at least room for " - VIM" */ if (curbuf->b_fname == NULL) ! vim_strncpy(buf, (char_u *)_("[No Name]"), SPACE_FOR_FNAME); else { p = transstr(gettail(curbuf->b_fname)); ! vim_strncpy(buf, p, SPACE_FOR_FNAME); vim_free(p); } *************** *** 3263,3269 **** buf[off++] = ' '; buf[off++] = '('; home_replace(curbuf, curbuf->b_ffname, ! buf + off, IOSIZE - off, TRUE); #ifdef BACKSLASH_IN_FILENAME /* avoid "c:/name" to be reduced to "c" */ if (isalpha(buf[off]) && buf[off + 1] == ':') --- 3266,3272 ---- buf[off++] = ' '; buf[off++] = '('; home_replace(curbuf, curbuf->b_ffname, ! buf + off, SPACE_FOR_DIR - off, TRUE); #ifdef BACKSLASH_IN_FILENAME /* avoid "c:/name" to be reduced to "c" */ if (isalpha(buf[off]) && buf[off + 1] == ':') *************** *** 3274,3291 **** if (p == buf + off) /* must be a help buffer */ vim_strncpy(buf + off, (char_u *)_("help"), ! (size_t)(IOSIZE - off - 1)); else *p = NUL; ! /* translate unprintable chars */ ! p = transstr(buf + off); ! vim_strncpy(buf + off, p, (size_t)(IOSIZE - off - 1)); ! vim_free(p); STRCAT(buf, ")"); } ! append_arg_number(curwin, buf, IOSIZE, FALSE); #if defined(FEAT_CLIENTSERVER) if (serverName != NULL) --- 3277,3304 ---- if (p == buf + off) /* must be a help buffer */ vim_strncpy(buf + off, (char_u *)_("help"), ! (size_t)(SPACE_FOR_DIR - off - 1)); else *p = NUL; ! /* Translate unprintable chars and concatenate. Keep some ! * room for the server name. When there is no room (very long ! * file name) use (...). */ ! if (off < SPACE_FOR_DIR) ! { ! p = transstr(buf + off); ! vim_strncpy(buf + off, p, (size_t)(SPACE_FOR_DIR - off)); ! vim_free(p); ! } ! else ! { ! vim_strncpy(buf + off, (char_u *)"...", ! (size_t)(SPACE_FOR_ARGNR - off)); ! } STRCAT(buf, ")"); } ! append_arg_number(curwin, buf, SPACE_FOR_ARGNR, FALSE); #if defined(FEAT_CLIENTSERVER) if (serverName != NULL) *** ../vim-7.3.647/src/version.c 2012-09-05 12:16:40.000000000 +0200 --- src/version.c 2012-09-05 13:29:53.000000000 +0200 *************** *** 721,722 **** --- 721,724 ---- { /* Add new patch number below this line */ + /**/ + 648, /**/ -- Q: How does a UNIX Guru do Sex ? A: unzip;strip;touch;finger;mount;fsck;more;yes;umount;sleep /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ \\\ an exciting new programming language -- http://www.Zimbu.org /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///