commit 6680002169a8cc505186e81acc161bec40658d73
parent 5d1f0c3eca9675bfdeb75402ec3340d05cc34732
Author: zeertzjq <zeertzjq@outlook.com>
Date: Wed, 24 Aug 2022 21:44:37 +0800
vim-patch:9.0.0060: accessing uninitialized memory when completing long line
Problem: Accessing uninitialized memory when completing long line.
Solution: Terminate string with NUL.
https://github.com/vim/vim/commit/b9e717367c395490149495cf375911b5d9de889e
Diffstat:
2 files changed, 8 insertions(+), 0 deletions(-)
diff --git a/src/nvim/insexpand.c b/src/nvim/insexpand.c
@@ -582,6 +582,7 @@ static char_u *ins_compl_infercase_gettext(char_u *str, int char_len, int compl_
// getting to six bytes from the edge of IObuff switch to using a
// growarray. Add the character in the next round.
ga_grow(&gap, IOSIZE);
+ *p = NUL;
STRCPY(gap.ga_data, IObuff);
gap.ga_len = (int)STRLEN(IObuff);
} else {
diff --git a/src/nvim/testdir/test_ins_complete.vim b/src/nvim/testdir/test_ins_complete.vim
@@ -965,6 +965,13 @@ func Test_infercase_very_long_line()
exe "normal 2Go\<C-X>\<C-L>\<Esc>"
call assert_equal(longLine, getline(3))
+ " check that the too long text is NUL terminated
+ %del
+ norm o
+ norm 1987ax
+ exec "norm ox\<C-X>\<C-L>"
+ call assert_equal(repeat('x', 1987), getline(3))
+
bwipe!
set noic noinfercase
endfunc
