| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This function is identical to vim_isprintc when encoding=utf-8 is used
As this is the only internal encoding nvim supports, it is now redundant
ref #2905
|
| |
|
|
|
| |
Create mapping to most of the C spec and some POSIX specific functions.
This is more robust than relying files shipped with IWYU.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Problem: [security]: use-after-free in ex_substitute
Solution: always allocate memory
closes: vim/vim#13552
A recursive :substitute command could cause a heap-use-after free in Vim
(CVE-2023-48706).
The whole reproducible test is a bit tricky, I can only reproduce this
reliably when no previous substitution command has been used yet
(which is the reason, the test needs to run as first one in the
test_substitute.vim file) and as a combination of the `:~` command
together with a :s command that contains the special substitution atom `~\=`
which will make use of a sub-replace special atom and calls a vim script
function.
There was a comment in the existing :s code, that already makes the
`sub` variable allocate memory so that a recursive :s call won't be able
to cause any issues here, so this was known as a potential problem
already. But for the current test-case that one does not work, because
the substitution does not start with `\=` but with `~\=` (and since
there does not yet exist a previous substitution atom, Vim will simply
increment the `sub` pointer (which then was not allocated dynamically)
and later one happily use a sub-replace special expression (which could
then free the `sub` var).
The following commit fixes this, by making the sub var always using
allocated memory, which also means we need to free the pointer whenever
we leave the function. Since sub is now always an allocated variable,
we also do no longer need the sub_copy variable anymore, since this one
was used to indicated when sub pointed to allocated memory (and had
therefore to be freed on exit) and when not.
Github Security Advisory:
https://github.com/vim/vim/security/advisories/GHSA-c8qm-x72m-q53q
https://github.com/vim/vim/commit/26c11c56888d01e298cd8044caf860f3c26f57bb
Co-authored-by: Christian Brabandt <cb@256bit.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Problem: Vim9: cannot use \=expr in :substitute.
Solution: Compile the expression into instructions and execute them when
invoked.
https://github.com/vim/vim/commit/4c13721482d7786f92f5a56e43b0f5c499264b7e
Vim9 script is N/A, including substitute_instr.
Co-authored-by: Bram Moolenaar <Bram@vim.org>
|
| |
|
|
|
|
| |
This requires removing the "Inner expression should be aligned" rule
from clint as it prevents essentially any formatting regarding ternary
operators.
|
| |
|
|
|
| |
- reduce variable scope
- prefer initialization over declaration and assignment
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Problem: buffer text with composing chars are converted from UTF-8
to an array of up to seven UTF-32 values and then converted back
to UTF-8 strings.
Solution: Convert buffer text directly to UTF-8 based schar_T values.
The limit of the text size is now in schar_T bytes, which is currently
31+1 but easily could be raised as it no longer multiplies the size
of the entire screen grid when not used, the full size is only required
for temporary scratch buffers.
Also does some general cleanup to win_line text handling, which was
unnecessarily complicated due to multibyte rendering being an "opt-in"
feature long ago. Nowadays, a char is just a char, regardless if it consists
of one ASCII byte or multiple bytes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Problem: [security]: overflow with count for :s command
Solution: Abort the :s command if the count is too large
If the count after the :s command is larger than what fits into a
(signed) long variable, abort with e_value_too_large.
Adds a test with INT_MAX as count and verify it correctly fails.
It seems the return value on Windows using mingw compiler wraps around,
so the initial test using :s/./b/9999999999999999999999999990 doesn't
fail there, since the count is wrapping around several times and finally
is no longer larger than 2147483647. So let's just use 2147483647 in the
test, which hopefully will always cause a failure
https://github.com/vim/vim/commit/ac63787734fda2e294e477af52b3bd601517fa78
Co-authored-by: Christian Brabandt <cb@256bit.org>
|
| | |
|
| |
|
|
|
|
| |
- reduce variable scope
- prefer initialization over declaration and assignment
- use bool to represent boolean values
|
| |
|
|
|
|
|
| |
We already have an extensive suite of static analysis tools we use,
which causes a fair bit of redundancy as we get duplicate warnings. PVS
is also prone to give false warnings which creates a lot of work to
identify and disable.
|
| | |
|
| |
|
|
| |
When the given length is exactly the number of bytes to copy, xmemdupz()
makes the intention clearer.
|
| |
|
|
|
|
| |
long is 32 bits on windows, while it is 64 bits on other architectures.
This makes the type suboptimal for a codebase meant to be
cross-platform. Replace it with more appropriate integer types.
|
| |
|
|
|
| |
Uncrustify is the source of truth where possible.
Remove any redundant checks from clint.py.
|
| |
|
|
|
|
|
|
|
|
| |
Problem:
The next command after `silent !{cmd}` or `silent lua print('str')`
prints an empty line before printing a message, because these commands
set `msg_didout = true` despite not printing any messages.
Solution:
Set `msg_didout = true` only if `msg_silent == 0`
|
| |
|
|
|
|
| |
long is 32 bits on windows, while it is 64 bits on other architectures.
This makes the type suboptimal for a codebase meant to be
cross-platform. Replace it with more appropriate integer types.
|
| |
|
|
|
|
| |
long is 32 bits on windows, while it is 64 bits on other architectures.
This makes the type suboptimal for a codebase meant to be
cross-platform. Replace it with more appropriate integer types.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
- Move vimoption_T to option.h
- option_defs.h is for option-related types
- option_vars.h corresponds to Vim's option.h
- option_defs.h and option_vars.h don't include each other
|
| | |
|
| |
|
|
|
| |
long is 32-bits even on 64-bit windows which makes the type suboptimal
for a codebase meant to be cross-platform.
|
| |
|
|
|
| |
problem: there are too many different functions in message.c
solution: fold some of the functions into themselves
|
| |
|
|
|
| |
problem: there are too many different functions in message.c
solution: fold some of the functions into themselves
|
| |
|
|
|
|
| |
This was only used to avoid the effect of SHM_OVERALL. This can easily
be handled in isolation, instead of clearing out all of 'shortmess' which
has unwanted side effects and mystifies what really is going on.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Problem: missing test for patch 9.0.1873
Solution: add a test trying to exchange windows
Add a test, making sure that switching windows is not allowed when
textlock is active, e.g. when running `:s/<pat>/\=func()/`
https://github.com/vim/vim/commit/18d2709aa12ffa3f6ae1a13059990558c5f8e406
Co-authored-by: Christian Brabandt <cb@256bit.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Problem: buffer-overflow in vim_regsub_both()
Solution: Check remaining space
https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1
The change to do_sub() looks confusing. Maybe it's an overflow check?
Then the crash may not be applicable to Nvim because of different casts.
The test also looks confusing. It seems to source itself recursively.
Also don't call strlen() twice on evaluation result.
N/A patches for version.c:
vim-patch:9.0.1849: CI error on different signedness in ex_cmds.c
vim-patch:9.0.1853: CI error on different signedness in regexp.c
Co-authored-by: Christian Brabandt <cb@256bit.org>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
Problem: use-after-free in do_ecmd
Solution: Verify oldwin pointer after reset_VIsual()
https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c
N/A patches for version.c:
vim-patch:9.0.1841: style: trailing whitespace in ex_cmds.c
Co-authored-by: Christian Brabandt <cb@256bit.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most of the messy things when changing a non-current buffer is
not about the buffer, it is about windows. In particular, it is about
`curwin`.
When editing a non-current buffer which is displayed in some other
window in the current tabpage, one such window will be "borrowed" as the
curwin. But this means if two or more non-current windows displayed the buffers,
one of them will be treated differenty. this is not desirable.
In particular, with nvim_buf_set_text, cursor _column_ position was only
corrected for one single window. Two new tests are added: the test
with just one non-current window passes, but the one with two didn't.
Two corresponding such tests were also added for nvim_buf_set_lines.
This already worked correctly on master, but make sure this is
well-tested for future refactors.
Also, nvim_create_buf no longer invokes autocmds just because you happened
to use `scratch=true`. No option value was changed, therefore OptionSet
must not be fired.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
ml_get_buf() takes a third parameters to indicate whether the
caller wants to mutate the memline data in place. However
the vast majority of the call sites is using this function
just to specify a buffer but without any mutation. This makes
it harder to grep for the places which actually perform mutation.
Solution: Remove the bool param from ml_get_buf(). it now works
like ml_get() except for a non-current buffer. Add a new
ml_get_buf_mut() function for the mutating use-case, which can
be grepped along with the other ml_replace() etc functions which
can modify the memline.
|
| |
|
|
|
| |
long is 32-bits even on 64-bit windows which makes the type suboptimal
for a codebase meant to be cross-platform.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Problem: :wqall does not trigger ExitPre. (Bart Libert)
Solution: Move preparations for :qall to a common function. (closes vim/vim#12374)
https://github.com/vim/vim/commit/411da64e77ef9d8edd1a5aa80fa5b9a4b159c93d
Co-authored-by: Bram Moolenaar <Bram@vim.org>
|
| |
|
|
|
|
|
|
|
| |
Problem: Inconsistent capitalization in error messages.
Solution: Make capitalization consistent. (Doug Kearns)
https://github.com/vim/vim/commit/cf030578b26460643dca4a40e7f2e3bc19c749aa
Co-authored-by: Bram Moolenaar <Bram@vim.org>
|
| |
|
|
|
|
|
|
|
| |
Problem: 'scrolloff' does not work well with 'smoothscroll'.
Solution: Make positioning the cursor a bit better. Rename functions.
https://github.com/vim/vim/commit/c9121f798f49fa71e814912cb186d89c164090c3
Co-authored-by: Bram Moolenaar <Bram@vim.org>
|
| |
|
|
|
|
|
| |
Problem: Handling new value of an option has a long "else if" chain.
Solution: Use a function pointer. (Yegappan Lakshmanan, closes vim/vim#12015)
https://github.com/vim/vim/commit/af93691b53f38784efce0b93fe7644c44a7e382e
|
| |
|
|
| |
Notable changes: replace all infinite loops to `while(true)` and remove
`int` from `unsigned int`.
|
| |
|
|
|
|
|
|
|
|
| |
Problem: The fileio.c file is too big.
Solution: Move buf_write() to bufwrite.c. (Yegappan Lakshmanan,
closes vim/vim#4990)
https://github.com/vim/vim/commit/c079f0fed1c16495d726d616c5362edc04742a0d
Co-authored-by: Yegappan Lakshmanan <yegappan@yahoo.com>
Co-authored-by: zeertzjq <zeertzjq@outlook.com>
|
| |
|
|
|
|
|
|
|
| |
Problem: Crash when using "!!" without a previous shell command.
Solution: Check "prevcmd" is not NULL. (closes vim/vim#11487)
https://github.com/vim/vim/commit/6600447c7b0a1be3a64d07a318bacdfaae0cac4b
Co-authored-by: Bram Moolenaar <Bram@vim.org>
|
