From c836383d21b6d38ecf59e46e76da55ca97a4fc65 Mon Sep 17 00:00:00 2001 From: zeertzjq Date: Fri, 24 May 2024 15:04:33 +0800 Subject: vim-patch:9.1.0438: Wrong Ex command executed when :g uses '?' as delimiter (#28956) Problem: Wrong Ex command executed when :g uses '?' as delimiter and pattern contains escaped '?'. Solution: Don't use "*newp" when it's not allocated (zeertzjq). closes: vim/vim#14837 https://github.com/vim/vim/commit/3074137542961ce7b3b65c14ebde75f13f5e6147 --- src/nvim/regexp.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'src/nvim/regexp.c') diff --git a/src/nvim/regexp.c b/src/nvim/regexp.c index fa6e577c74..5600d6a2f8 100644 --- a/src/nvim/regexp.c +++ b/src/nvim/regexp.c @@ -774,7 +774,7 @@ char *skip_regexp_ex(char *startp, int dirc, int magic, char **newp, int *droppe { magic_T mymagic; char *p = startp; - size_t startplen = strlen(startp); + size_t startplen = 0; if (magic) { mymagic = MAGIC_ON; @@ -796,14 +796,18 @@ char *skip_regexp_ex(char *startp, int dirc, int magic, char **newp, int *droppe } else if (p[0] == '\\' && p[1] != NUL) { if (dirc == '?' && newp != NULL && p[1] == '?') { // change "\?" to "?", make a copy first. + if (startplen == 0) { + startplen = strlen(startp); + } if (*newp == NULL) { *newp = xstrnsave(startp, startplen); p = *newp + (p - startp); + startp = *newp; } if (dropped != NULL) { (*dropped)++; } - memmove(p, p + 1, (startplen - (size_t)((p + 1) - *newp)) + 1); + memmove(p, p + 1, startplen - (size_t)((p + 1) - startp) + 1); } else { p++; // skip next character } -- cgit