aniani/vim
0
0
Fork 1
mirror of https://github.com/vim/vim.git synced 2025-10-06 05:44:14 -04:00
Code Activity

patch 8.0.1421: accessing invalid memory with overlong byte sequence

Browse Source 
Problem:    Accessing invalid memory with overlong byte sequence.
Solution:   Check for NUL character. (test by Dominique Pelle, closes #2485)
This commit is contained in:
Bram Moolenaar
2017-12-22 21:06:56 +01:00
parent 3c09722600
commit e6640ad44e
3 changed files with 26 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/misc2.c
View File

@@ -1622,11 +1622,17 @@ strup_save(char_u *orig)
char_u *s;
c = utf_ptr2char(p);
l = utf_ptr2len(p);
if (c == 0)
{
/* overlong sequence, use only the first byte */
c = *p;
l = 1;
}
uc = utf_toupper(c);
/* Reallocate string when byte count changes. This is rare,
* thus it's OK to do another malloc()/free(). */
l = utf_ptr2len(p);
newl = utf_char2len(uc);
if (newl != l)
{
@@ -1685,11 +1691,17 @@ strlow_save(char_u *orig)
char_u *s;
c = utf_ptr2char(p);
l = utf_ptr2len(p);
if (c == 0)
{
/* overlong sequence, use only the first byte */
c = *p;
l = 1;
}
lc = utf_tolower(c);
/* Reallocate string when byte count changes. This is rare,
* thus it's OK to do another malloc()/free(). */
l = utf_ptr2len(p);
newl = utf_char2len(lc);
if (newl != l)
{