diff options
| author | Jan Edmund Lazo <jan.lazo@mail.utoronto.ca> | 2019-03-12 22:16:22 -0400 |
|---|---|---|
| committer | Justin M. Keyes <justinkz@gmail.com> | 2019-03-13 03:16:22 +0100 |
| commit | 2af1e232782a54b9af27578f76a2f730261e00ac (patch) | |
| tree | 497acf3c165cc4d13f077e148d6d4ee49fc0a232 /src | |
| parent | 4f5e3781247501035de226cb581dee78691afb03 (diff) | |
| download | rneovim-2af1e232782a54b9af27578f76a2f730261e00ac.tar.gz rneovim-2af1e232782a54b9af27578f76a2f730261e00ac.tar.bz2 rneovim-2af1e232782a54b9af27578f76a2f730261e00ac.zip | |
vim-patch:8.1.0170: invalid memory use with complicated pattern #9724
Problem: Invalid memory use with complicated pattern. (Andy Massimino)
Solution: Reallocate the list of listids when needed. (closes vim/vim#3175)
Remove unnecessary function prototypes.
https://github.com/vim/vim/commit/2338c32b53d20dc18540b1a20845bcd8a6371bff
Diffstat (limited to 'src')
| -rw-r--r-- | src/nvim/regexp_nfa.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/src/nvim/regexp_nfa.c b/src/nvim/regexp_nfa.c index e0e8820b87..b935b44291 100644 --- a/src/nvim/regexp_nfa.c +++ b/src/nvim/regexp_nfa.c @@ -4582,7 +4582,9 @@ static bool nfa_re_num_cmp(uintmax_t val, int op, uintmax_t pos) * "pim" is NULL or contains info about a Postponed Invisible Match (start * position). */ -static int recursive_regmatch(nfa_state_T *state, nfa_pim_T *pim, nfa_regprog_T *prog, regsubs_T *submatch, regsubs_T *m, int **listids) +static int recursive_regmatch( + nfa_state_T *state, nfa_pim_T *pim, nfa_regprog_T *prog, + regsubs_T *submatch, regsubs_T *m, int **listids, int *listids_len) { int save_reginput_col = (int)(reginput - regline); int save_reglnum = reglnum; @@ -4665,8 +4667,10 @@ static int recursive_regmatch(nfa_state_T *state, nfa_pim_T *pim, nfa_regprog_T if (nfa_ll_index == 1) { /* Already calling nfa_regmatch() recursively. Save the lastlist[1] * values and clear them. */ - if (*listids == NULL) { + if (*listids == NULL || *listids_len < nstate) { + xfree(*listids); *listids = xmalloc(sizeof(**listids) * nstate); + *listids_len = nstate; } nfa_save_listids(prog, *listids); need_restore = TRUE; @@ -4979,6 +4983,7 @@ static int nfa_regmatch(nfa_regprog_T *prog, nfa_state_T *start, nfa_list_T *thislist; nfa_list_T *nextlist; int *listids = NULL; + int listids_len = 0; nfa_state_T *add_state; bool add_here; int add_count; @@ -5271,7 +5276,7 @@ static int nfa_regmatch(nfa_regprog_T *prog, nfa_state_T *start, // First try matching the invisible match, then what // follows. result = recursive_regmatch(t->state, NULL, prog, submatch, m, - &listids); + &listids, &listids_len); if (result == NFA_TOO_EXPENSIVE) { nfa_match = result; goto theend; @@ -5372,7 +5377,7 @@ static int nfa_regmatch(nfa_regprog_T *prog, nfa_state_T *start, // First try matching the pattern. result = recursive_regmatch(t->state, NULL, prog, submatch, m, - &listids); + &listids, &listids_len); if (result == NFA_TOO_EXPENSIVE) { nfa_match = result; goto theend; @@ -6079,8 +6084,8 @@ static int nfa_regmatch(nfa_regprog_T *prog, nfa_state_T *start, fprintf(log_fd, "Postponed recursive nfa_regmatch()\n"); fprintf(log_fd, "\n"); #endif - result = recursive_regmatch(pim->state, pim, - prog, submatch, m, &listids); + result = recursive_regmatch(pim->state, pim, prog, submatch, m, + &listids, &listids_len); pim->result = result ? NFA_PIM_MATCH : NFA_PIM_NOMATCH; // for \@! and \@<! it is a match when the result is // FALSE |