Commit: patch 9.1.1270: missing out-of-memory checks in buffer.c
1 view
Skip to first unread message
Christian Brabandt
Apr 2, 2025, 2:45:13 PM4/2/25
to vim...@googlegroups.com
patch 9.1.1270: missing out-of-memory checks in buffer.c
Commit: https://github.com/vim/vim/commit/7fb90815a0a29238c12e53b53e14fc55109f02b7
Author: John Marriott <basi...@internode.on.net>
Date: Wed Apr 2 20:32:35 2025 +0200
patch 9.1.1270: missing out-of-memory checks in buffer.c
Problem: missing out-of-memory checks in buffer.c
Solution: handle out-of-memory situations during allocation
(John Marriott)
closes: #17031
Signed-off-by: John Marriott <basi...@internode.on.net>
Signed-off-by: Christian Brabandt <c...@256bit.org>
diff --git a/src/buffer.c b/src/buffer.c
index 68388db08..8277b726c 100644
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -2926,6 +2926,8 @@ ExpandBufnames(
p = home_replace_save(buf, p);
else
p = vim_strsave(p);
+ if (p == NULL)
+ return FAIL;
if (!fuzzy)
{
@@ -4030,8 +4032,11 @@ maketitle(void)
else
{
p = transstr(gettail(curbuf->b_fname));
- vim_strncpy(buf, p, SPACE_FOR_FNAME);
- vim_free(p);
+ if (p != NULL)
+ {
+ vim_strncpy(buf, p, SPACE_FOR_FNAME);
+ vim_free(p);
+ }
}
#ifdef FEAT_TERMINAL
@@ -4084,8 +4089,11 @@ maketitle(void)
if (off < SPACE_FOR_DIR)
{
p = transstr(buf + off);
- vim_strncpy(buf + off, p, (size_t)(SPACE_FOR_DIR - off));
- vim_free(p);
+ if (p != NULL)
+ {
+ vim_strncpy(buf + off, p, (size_t)(SPACE_FOR_DIR - off));
+ vim_free(p);
+ }
}
else
{
@@ -4767,25 +4775,29 @@ build_stl_str_hl(
size_t new_fmt_len = parsed_usefmt
+ str_length + fmt_length + 3;
char_u *new_fmt = (char_u *)alloc(new_fmt_len * sizeof(char_u));
- char_u *new_fmt_p = new_fmt;
-
- new_fmt_p = (char_u *)memcpy(new_fmt_p, usefmt, parsed_usefmt)
- + parsed_usefmt;
- new_fmt_p = (char_u *)memcpy(new_fmt_p , str, str_length)
- + str_length;
- new_fmt_p = (char_u *)memcpy(new_fmt_p, "%}", 2) + 2;
- new_fmt_p = (char_u *)memcpy(new_fmt_p , s, fmt_length)
- + fmt_length;
- *new_fmt_p = 0;
- new_fmt_p = NULL;
-
- if (usefmt != fmt)
- vim_free(usefmt);
- VIM_CLEAR(str);
- usefmt = new_fmt;
- s = usefmt + parsed_usefmt;
- evaldepth++;
- continue;
+
+ if (new_fmt != NULL)
+ {
+ char_u *new_fmt_p = new_fmt;
+
+ new_fmt_p = (char_u *)memcpy(new_fmt_p, usefmt, parsed_usefmt)
+ + parsed_usefmt;
+ new_fmt_p = (char_u *)memcpy(new_fmt_p , str, str_length)
+ + str_length;
+ new_fmt_p = (char_u *)memcpy(new_fmt_p, "%}", 2) + 2;
+ new_fmt_p = (char_u *)memcpy(new_fmt_p , s, fmt_length)
+ + fmt_length;
+ *new_fmt_p = 0;
+ new_fmt_p = NULL;
+
+ if (usefmt != fmt)
+ vim_free(usefmt);
+ VIM_CLEAR(str);
+ usefmt = new_fmt;
+ s = usefmt + parsed_usefmt;
+ evaldepth++;
+ continue;
+ }
}
#endif
break;
diff --git a/src/version.c b/src/version.c
index 7882f5eb7..6f54a94f5 100644
--- a/src/version.c
+++ b/src/version.c
@@ -704,6 +704,8 @@ static char *(features[]) =
static int included_patches[] =
{ /* Add new patch number below this line */
+/**/
+ 1270,
/**/
1269,
/**/
Commit: https://github.com/vim/vim/commit/7fb90815a0a29238c12e53b53e14fc55109f02b7
Author: John Marriott <basi...@internode.on.net>
Date: Wed Apr 2 20:32:35 2025 +0200
patch 9.1.1270: missing out-of-memory checks in buffer.c
Problem: missing out-of-memory checks in buffer.c
Solution: handle out-of-memory situations during allocation
(John Marriott)
closes: #17031
Signed-off-by: John Marriott <basi...@internode.on.net>
Signed-off-by: Christian Brabandt <c...@256bit.org>
diff --git a/src/buffer.c b/src/buffer.c
index 68388db08..8277b726c 100644
--- a/src/buffer.c
+++ b/src/buffer.c
@@ -2926,6 +2926,8 @@ ExpandBufnames(
p = home_replace_save(buf, p);
else
p = vim_strsave(p);
+ if (p == NULL)
+ return FAIL;
if (!fuzzy)
{
@@ -4030,8 +4032,11 @@ maketitle(void)
else
{
p = transstr(gettail(curbuf->b_fname));
- vim_strncpy(buf, p, SPACE_FOR_FNAME);
- vim_free(p);
+ if (p != NULL)
+ {
+ vim_strncpy(buf, p, SPACE_FOR_FNAME);
+ vim_free(p);
+ }
}
#ifdef FEAT_TERMINAL
@@ -4084,8 +4089,11 @@ maketitle(void)
if (off < SPACE_FOR_DIR)
{
p = transstr(buf + off);
- vim_strncpy(buf + off, p, (size_t)(SPACE_FOR_DIR - off));
- vim_free(p);
+ if (p != NULL)
+ {
+ vim_strncpy(buf + off, p, (size_t)(SPACE_FOR_DIR - off));
+ vim_free(p);
+ }
}
else
{
@@ -4767,25 +4775,29 @@ build_stl_str_hl(
size_t new_fmt_len = parsed_usefmt
+ str_length + fmt_length + 3;
char_u *new_fmt = (char_u *)alloc(new_fmt_len * sizeof(char_u));
- char_u *new_fmt_p = new_fmt;
-
- new_fmt_p = (char_u *)memcpy(new_fmt_p, usefmt, parsed_usefmt)
- + parsed_usefmt;
- new_fmt_p = (char_u *)memcpy(new_fmt_p , str, str_length)
- + str_length;
- new_fmt_p = (char_u *)memcpy(new_fmt_p, "%}", 2) + 2;
- new_fmt_p = (char_u *)memcpy(new_fmt_p , s, fmt_length)
- + fmt_length;
- *new_fmt_p = 0;
- new_fmt_p = NULL;
-
- if (usefmt != fmt)
- vim_free(usefmt);
- VIM_CLEAR(str);
- usefmt = new_fmt;
- s = usefmt + parsed_usefmt;
- evaldepth++;
- continue;
+
+ if (new_fmt != NULL)
+ {
+ char_u *new_fmt_p = new_fmt;
+
+ new_fmt_p = (char_u *)memcpy(new_fmt_p, usefmt, parsed_usefmt)
+ + parsed_usefmt;
+ new_fmt_p = (char_u *)memcpy(new_fmt_p , str, str_length)
+ + str_length;
+ new_fmt_p = (char_u *)memcpy(new_fmt_p, "%}", 2) + 2;
+ new_fmt_p = (char_u *)memcpy(new_fmt_p , s, fmt_length)
+ + fmt_length;
+ *new_fmt_p = 0;
+ new_fmt_p = NULL;
+
+ if (usefmt != fmt)
+ vim_free(usefmt);
+ VIM_CLEAR(str);
+ usefmt = new_fmt;
+ s = usefmt + parsed_usefmt;
+ evaldepth++;
+ continue;
+ }
}
#endif
break;
diff --git a/src/version.c b/src/version.c
index 7882f5eb7..6f54a94f5 100644
--- a/src/version.c
+++ b/src/version.c
@@ -704,6 +704,8 @@ static char *(features[]) =
static int included_patches[] =
{ /* Add new patch number below this line */
+/**/
+ 1270,
/**/
1269,
/**/
Reply all
Reply to author
Forward
0 new messages