From 7328c4de54ac96b39853b3f43736aff863fd209d Mon Sep 17 00:00:00 2001
From: zeertzjq <zeertzjq@outlook.com>
Date: Tue, 29 Nov 2022 11:18:15 +0800
Subject: vim-patch:9.0.0733: use of strftime() is not safe (#21228)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Problem:    Use of strftime() is not safe.
Solution:   Check the return value of strftime().  Use a larger buffer and
            correctly pass the available space. (Dominique Pellé, closes
            vim/vim#11348)

https://github.com/vim/vim/commit/84d14ccdb50dc9f362066a2c83bfaf331314e5ea

Co-authored-by: Dominique Pelle <dominique.pelle@gmail.com>
---
 src/nvim/eval/funcs.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

(limited to 'src/nvim/eval')

diff --git a/src/nvim/eval/funcs.c b/src/nvim/eval/funcs.c
index ebe7e0325b..c312ae61a5 100644
--- a/src/nvim/eval/funcs.c
+++ b/src/nvim/eval/funcs.c
@@ -8445,9 +8445,7 @@ static void f_strftime(typval_T *argvars, typval_T *rettv, EvalFuncData fptr)
       p = string_convert(&conv, p, NULL);
     }
     char result_buf[256];
-    if (p != NULL) {
-      (void)strftime(result_buf, sizeof(result_buf), p, curtime_ptr);
-    } else {
+    if (p == NULL || strftime(result_buf, sizeof(result_buf), p, curtime_ptr) == 0) {
       result_buf[0] = NUL;
     }
 
-- 
cgit