From 338da727cdb19a15a0b001707e8778e10977e65c Mon Sep 17 00:00:00 2001
From: James McCoy <jamessan@jamessan.com>
Date: Thu, 30 Mar 2017 22:11:40 -0400
Subject: coverity/161216: Ensure buf is valid for lifetime of defstr

Depending on the type of argument for input()/inputdialog()'s {text}
argument, defstr may point to buf.  Therefore it needs to be in scope
for the lifetime of defstr.

Also, use a different buffer for the handling of the 3rd argument to
input()/inputdialog().  Although the buffer defstr points to is used
immediately, it avoids potential mishaps if the code changes.
---
 src/nvim/eval.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/nvim/eval.c b/src/nvim/eval.c
index 80c2fe10d7..c683fe4e10 100644
--- a/src/nvim/eval.c
+++ b/src/nvim/eval.c
@@ -11008,18 +11008,19 @@ static void get_user_input(typval_T *argvars, typval_T *rettv, int inputdialog)
     cmdline_row = msg_row;
 
     const char *defstr = "";
+    char buf[NUMBUFLEN];
     if (argvars[1].v_type != VAR_UNKNOWN) {
-      char buf[NUMBUFLEN];
       defstr = tv_get_string_buf_chk(&argvars[1], buf);
       if (defstr != NULL) {
         stuffReadbuffSpec(defstr);
       }
 
       if (!inputdialog && argvars[2].v_type != VAR_UNKNOWN) {
+        char buf2[NUMBUFLEN];
         // input() with a third argument: completion
         rettv->vval.v_string = NULL;
 
-        const char *const xp_name = tv_get_string_buf_chk(&argvars[2], buf);
+        const char *const xp_name = tv_get_string_buf_chk(&argvars[2], buf2);
         if (xp_name == NULL) {
           return;
         }
-- 
cgit