diff options
| author | zeertzjq <zeertzjq@outlook.com> | 2024-07-31 06:37:58 +0800 |
|---|---|---|
| committer | zeertzjq <zeertzjq@outlook.com> | 2024-07-31 08:03:30 +0800 |
| commit | 17f95fe79bc32d3e6c008716e2bc623cbecf7a0d (patch) | |
| tree | 924879127c0de1174331601d9ff9deb0f97cc69a /src | |
| parent | 63cd2adf3d27436dbaf6a8eda72608d3009ccd3c (diff) | |
| download | rneovim-17f95fe79bc32d3e6c008716e2bc623cbecf7a0d.tar.gz rneovim-17f95fe79bc32d3e6c008716e2bc623cbecf7a0d.tar.bz2 rneovim-17f95fe79bc32d3e6c008716e2bc623cbecf7a0d.zip | |
vim-patch:9.0.0105: illegal memory access when pattern starts with illegal byte
Problem: Illegal memory access when pattern starts with illegal byte.
Solution: Do not match a character with an illegal byte.
https://github.com/vim/vim/commit/f50940531dd57135fe60aa393ac9d3281f352d88
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/nvim/regexp.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/nvim/regexp.c b/src/nvim/regexp.c index bd9fbf00be..31384e8124 100644 --- a/src/nvim/regexp.c +++ b/src/nvim/regexp.c @@ -1804,7 +1804,9 @@ static inline char *cstrchr(const char *const s, const int c) if (c > 0x80) { const int folded_c = utf_fold(c); for (const char *p = s; *p != NUL; p += utfc_ptr2len(p)) { - if (utf_fold(utf_ptr2char(p)) == folded_c) { + const int uc = utf_ptr2char(p); + // Do not match an illegal byte. E.g. 0xff matches 0xc3 0xbf, not 0xff. + if ((uc < 0x80 || uc != (uint8_t)(*p)) && utf_fold(uc) == folded_c) { return (char *)p; } } |