diff options
| author | Eliseo Martínez <eliseomarmol@gmail.com> | 2015-01-31 14:44:18 +0100 | 
|---|---|---|
| committer | Eliseo Martínez <eliseomarmol@gmail.com> | 2015-02-11 19:10:36 +0100 | 
| commit | cf8e175cf54281bcad5e704308e92ebb3e6381d3 (patch) | |
| tree | 892afd3e117f6fb0e3214c39217e811b95c3f01b /src | |
| parent | 5976251bb91a7d3967cf268f0eeed1f5d756ba7a (diff) | |
| download | rneovim-cf8e175cf54281bcad5e704308e92ebb3e6381d3.tar.gz rneovim-cf8e175cf54281bcad5e704308e92ebb3e6381d3.tar.bz2 rneovim-cf8e175cf54281bcad5e704308e92ebb3e6381d3.zip | |
coverity/13762: Out-of-bounds read: RI.
Problem    : Out-of-bounds read @ 2213.
Diagnostic : Real issue.
Rationale  : Error occurs if cmap == ARRAY_SIZE(prt_ps_mbfonts),
             but code takes the `if (prt_out_mbyte)` branch. That's it,
             if a matching encoding is found but not a matching charset.
             In that case, the first matching encoding is used.
Resolution : Remember the value of cmap for the first matching encoding.
             Reset cmap to that value if first matching encoding is
             going to be used.
Diffstat (limited to 'src')
| -rw-r--r-- | src/nvim/hardcopy.c | 16 | 
1 files changed, 11 insertions, 5 deletions
| diff --git a/src/nvim/hardcopy.c b/src/nvim/hardcopy.c index fb04f4407c..c01f763d20 100644 --- a/src/nvim/hardcopy.c +++ b/src/nvim/hardcopy.c @@ -2122,19 +2122,25 @@ int mch_print_init(prt_settings_T *psettings, char_u *jobname, int forceit)    props = enc_canon_props(p_encoding);    if (!(props & ENC_8BIT) && ((*p_pmcs != NUL) || !(props & ENC_UNICODE))) {      p_mbenc_first = NULL; +    int effective_cmap;      for (cmap = 0; cmap < (int)ARRAY_SIZE(prt_ps_mbfonts); cmap++)        if (prt_match_encoding((char *)p_encoding, &prt_ps_mbfonts[cmap], -              &p_mbenc)) { -        if (p_mbenc_first == NULL) +                             &p_mbenc)) { +        if (p_mbenc_first == NULL) {            p_mbenc_first = p_mbenc; -        if (prt_match_charset((char *)p_pmcs, &prt_ps_mbfonts[cmap], -                &p_mbchar)) +          effective_cmap = cmap; +        } +        if (prt_match_charset((char *)p_pmcs, &prt_ps_mbfonts[cmap], &p_mbchar))            break;        }      /* Use first encoding matched if no charset matched */ -    if (p_mbchar == NULL && p_mbenc_first != NULL) +    if (p_mbchar == NULL && p_mbenc_first != NULL) {        p_mbenc = p_mbenc_first; +      cmap = effective_cmap; +    } + +    assert(p_mbenc == NULL || cmap < (int)ARRAY_SIZE(prt_ps_mbfonts));    }    prt_out_mbyte = (p_mbenc != NULL); | 
