From ee564701579e66a16245328d9e574dcb0752d517 Mon Sep 17 00:00:00 2001
From: Jurica Bradaric <jbradaric@gmail.com>
Date: Sat, 23 Jan 2016 14:32:52 +0100
Subject: vim-patch:7.4.704

Problem:    Searching for a character matches an illegal byte and causes
            invalid memory access. (Dominique Pelle)
Solution:   Do not match an invalid byte when search for a character in a
            string.  Fix equivalence classes using negative numbers, which
            result in illegal bytes.

https://github.com/vim/vim/commit/d82a2a990bc329754e1b61c5af669c76ac202497
---
 src/nvim/strings.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'src/nvim/strings.c')

diff --git a/src/nvim/strings.c b/src/nvim/strings.c
index fe91141375..30a9052a1e 100644
--- a/src/nvim/strings.c
+++ b/src/nvim/strings.c
@@ -425,9 +425,13 @@ char_u *vim_strchr(const char_u *string, int c)
   const char_u *p = string;
   if (enc_utf8 && c >= 0x80) {
     while (*p != NUL) {
-      if (utf_ptr2char(p) == c)
+      int l = (*mb_ptr2len)(p);
+
+      // Avoid matching an illegal byte here.
+      if (utf_ptr2char(p) == c && l > 1) {
         return (char_u *) p;
-      p += (*mb_ptr2len)(p);
+      }
+      p += l;
     }
     return NULL;
   }
-- 
cgit