To: vim_dev@googlegroups.com Subject: Patch 7.3.365 Fcc: outbox From: Bram Moolenaar Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ------------ Patch 7.3.365 Problem: Crash when using a large Unicode character in a file that has syntax highlighting. (ngollan) Solution: Check for going past the end of the utf tables. (Dominique Pelle) Files: src/mbyte.c *** ../vim-7.3.364/src/mbyte.c 2011-08-10 13:21:30.000000000 +0200 --- src/mbyte.c 2011-12-08 15:09:13.000000000 +0100 *************** *** 2764,2782 **** int tableSize; { int start, mid, end; /* indices into table */ start = 0; ! end = tableSize / sizeof(convertStruct); while (start < end) { /* need to search further */ ! mid = (end + start) /2; if (table[mid].rangeEnd < a) start = mid + 1; else end = mid; } ! if (table[start].rangeStart <= a && a <= table[start].rangeEnd && (a - table[start].rangeStart) % table[start].step == 0) return (a + table[start].offset); else --- 2764,2785 ---- int tableSize; { int start, mid, end; /* indices into table */ + int entries = tableSize / sizeof(convertStruct); start = 0; ! end = entries; while (start < end) { /* need to search further */ ! mid = (end + start) / 2; if (table[mid].rangeEnd < a) start = mid + 1; else end = mid; } ! if (start < entries ! && table[start].rangeStart <= a ! && a <= table[start].rangeEnd && (a - table[start].rangeStart) % table[start].step == 0) return (a + table[start].offset); else *************** *** 2791,2797 **** utf_fold(a) int a; { ! return utf_convert(a, foldCase, sizeof(foldCase)); } static convertStruct toLower[] = --- 2794,2800 ---- utf_fold(a) int a; { ! return utf_convert(a, foldCase, (int)sizeof(foldCase)); } static convertStruct toLower[] = *************** *** 3119,3125 **** return TOUPPER_LOC(a); /* For any other characters use the above mapping table. */ ! return utf_convert(a, toUpper, sizeof(toUpper)); } int --- 3122,3128 ---- return TOUPPER_LOC(a); /* For any other characters use the above mapping table. */ ! return utf_convert(a, toUpper, (int)sizeof(toUpper)); } int *************** *** 3152,3158 **** return TOLOWER_LOC(a); /* For any other characters use the above mapping table. */ ! return utf_convert(a, toLower, sizeof(toLower)); } int --- 3155,3161 ---- return TOLOWER_LOC(a); /* For any other characters use the above mapping table. */ ! return utf_convert(a, toLower, (int)sizeof(toLower)); } int *** ../vim-7.3.364/src/version.c 2011-12-01 20:59:16.000000000 +0100 --- src/version.c 2011-12-08 15:07:53.000000000 +0100 *************** *** 716,717 **** --- 716,719 ---- { /* Add new patch number below this line */ + /**/ + 365, /**/ -- Hear about the guy who played a blank tape at full blast? The mime next door went nuts. /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ \\\ an exciting new programming language -- http://www.Zimbu.org /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///