From 39ef2195357996ce0d2b2d2d41275a572f2891b3 Mon Sep 17 00:00:00 2001
From: Michael Ennen <mike.ennen@gmail.com>
Date: Wed, 13 Jan 2016 16:01:23 -0700
Subject: vim-patch:7.4.714

Problem:    Illegal memory access when there are illegal bytes.
Solution:   Check the byte length of the character. (Dominique Pelle)

https://github.com/vim/vim/commit/069dd08d8dbbbadc4e6780d5c881a24bce79a4f7
---
 src/nvim/regexp.c  | 8 +++++---
 src/nvim/version.c | 2 +-
 2 files changed, 6 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/nvim/regexp.c b/src/nvim/regexp.c
index e2c4b590d0..39001939d8 100644
--- a/src/nvim/regexp.c
+++ b/src/nvim/regexp.c
@@ -5333,10 +5333,12 @@ do_class:
     if ((len = (*mb_ptr2len)(opnd)) > 1) {
       if (ireg_ic && enc_utf8)
         cf = utf_fold(utf_ptr2char(opnd));
-      while (count < maxcount) {
-        for (i = 0; i < len; ++i)
-          if (opnd[i] != scan[i])
+      while (count < maxcount && (*mb_ptr2len)(scan) >= len) {
+        for (i = 0; i < len; ++i) {
+          if (opnd[i] != scan[i]) {
             break;
+          }
+        }
         if (i < len && (!ireg_ic || !enc_utf8
                         || utf_fold(utf_ptr2char(scan)) != cf))
           break;
diff --git a/src/nvim/version.c b/src/nvim/version.c
index 804f750e18..a00b01a5dd 100644
--- a/src/nvim/version.c
+++ b/src/nvim/version.c
@@ -410,7 +410,7 @@ static int included_patches[] = {
   // 717,
   // 716,
   // 715,
-  // 714,
+  714,
   713,
   712,
   711,
-- 
cgit