From 6680002169a8cc505186e81acc161bec40658d73 Mon Sep 17 00:00:00 2001 From: zeertzjq Date: Wed, 24 Aug 2022 21:44:37 +0800 Subject: vim-patch:9.0.0060: accessing uninitialized memory when completing long line Problem: Accessing uninitialized memory when completing long line. Solution: Terminate string with NUL. https://github.com/vim/vim/commit/b9e717367c395490149495cf375911b5d9de889e --- src/nvim/insexpand.c | 1 + src/nvim/testdir/test_ins_complete.vim | 7 +++++++ 2 files changed, 8 insertions(+) (limited to 'src') diff --git a/src/nvim/insexpand.c b/src/nvim/insexpand.c index 2d470aa992..56f8834b56 100644 --- a/src/nvim/insexpand.c +++ b/src/nvim/insexpand.c @@ -582,6 +582,7 @@ static char_u *ins_compl_infercase_gettext(char_u *str, int char_len, int compl_ // getting to six bytes from the edge of IObuff switch to using a // growarray. Add the character in the next round. ga_grow(&gap, IOSIZE); + *p = NUL; STRCPY(gap.ga_data, IObuff); gap.ga_len = (int)STRLEN(IObuff); } else { diff --git a/src/nvim/testdir/test_ins_complete.vim b/src/nvim/testdir/test_ins_complete.vim index cd7d83c8ea..9aa3881724 100644 --- a/src/nvim/testdir/test_ins_complete.vim +++ b/src/nvim/testdir/test_ins_complete.vim @@ -965,6 +965,13 @@ func Test_infercase_very_long_line() exe "normal 2Go\\\" call assert_equal(longLine, getline(3)) + " check that the too long text is NUL terminated + %del + norm o + norm 1987ax + exec "norm ox\\" + call assert_equal(repeat('x', 1987), getline(3)) + bwipe! set noic noinfercase endfunc -- cgit