Patch 7.3.365
Problem:    Crash when using a large Unicode character in a file that has
            syntax highlighting. (ngollan)
Solution:   Check for going past the end of the utf tables. (Dominique Pelle)
Files:      src/mbyte.c


*** ../vim-7.3.364/src/mbyte.c  2011-08-10 13:21:30.000000000 +0200
--- src/mbyte.c 2011-12-08 15:09:13.000000000 +0100
***************
*** 2764,2782 ****
      int                       tableSize;
  {
      int start, mid, end; /* indices into table */
  
      start = 0;
!     end = tableSize / sizeof(convertStruct);
      while (start < end)
      {
        /* need to search further */
!       mid = (end + start) /2;
        if (table[mid].rangeEnd < a)
            start = mid + 1;
        else
            end = mid;
      }
!     if (table[start].rangeStart <= a && a <= table[start].rangeEnd
            && (a - table[start].rangeStart) % table[start].step == 0)
        return (a + table[start].offset);
      else
--- 2764,2785 ----
      int                       tableSize;
  {
      int start, mid, end; /* indices into table */
+     int entries = tableSize / sizeof(convertStruct);
  
      start = 0;
!     end = entries;
      while (start < end)
      {
        /* need to search further */
!       mid = (end + start) / 2;
        if (table[mid].rangeEnd < a)
            start = mid + 1;
        else
            end = mid;
      }
!     if (start < entries
!           && table[start].rangeStart <= a
!           && a <= table[start].rangeEnd
            && (a - table[start].rangeStart) % table[start].step == 0)
        return (a + table[start].offset);
      else
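Review bot: The `start < entries` test added to the final `if` carries no comment, although it is the entire fix: when `a` is greater than every `rangeEnd` the search loop exits with `start == entries`, and the old condition then read `table[start]` one element past the array. I would put `/* start == entries when "a" is above the last range: nothing to convert */` directly above the condition so a later cleanup does not drop the check as redundant. `tableSize` is a byte count that is divided by `sizeof(convertStruct)` here, so a short note on the parameter saying so would help as well. The function's header and the end of the `if`/`else` lie outside the hunk.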
***************
*** 2791,2797 ****
  utf_fold(a)
      int               a;
  {
!     return utf_convert(a, foldCase, sizeof(foldCase));
  }
  
  static convertStruct toLower[] =
--- 2794,2800 ----
  utf_fold(a)
      int               a;
  {
!     return utf_convert(a, foldCase, (int)sizeof(foldCase));
  }
  
  static convertStruct toLower[] =
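Review bot: The `(int)` cast on `sizeof(foldCase)` only quiets the size_t-to-int conversion at the call; the value passed is still a byte count that utf_convert has to divide by `sizeof(convertStruct)`. Passing the entry count instead, `(int)(sizeof(foldCase) / sizeof(foldCase[0]))`, and having utf_convert use it directly would keep the byte/entry distinction in one visible place. The same applies to the `toUpper` and `toLower` calls in the next two hunks. utf_fold's return-type line is outside the hunk.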
***************
*** 3119,3125 ****
        return TOUPPER_LOC(a);
  
      /* For any other characters use the above mapping table. */
!     return utf_convert(a, toUpper, sizeof(toUpper));
  }
  
      int
--- 3122,3128 ----
        return TOUPPER_LOC(a);
  
      /* For any other characters use the above mapping table. */
!     return utf_convert(a, toUpper, (int)sizeof(toUpper));
  }
  
      int
***************
*** 3152,3158 ****
        return TOLOWER_LOC(a);
  
      /* For any other characters use the above mapping table. */
!     return utf_convert(a, toLower, sizeof(toLower));
  }
  
      int
--- 3155,3161 ----
        return TOLOWER_LOC(a);
  
      /* For any other characters use the above mapping table. */
!     return utf_convert(a, toLower, (int)sizeof(toLower));
  }
  
      int
*** ../vim-7.3.364/src/version.c        2011-12-01 20:59:16.000000000 +0100
--- src/version.c       2011-12-08 15:07:53.000000000 +0100
***************
*** 716,717 ****
--- 716,719 ----
  {   /* Add new patch number below this line */
+ /**/
+     365,
  /**/

-- 
Hear about the guy who played a blank tape at full blast?
The mime next door went nuts.

 /// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net   \\\
///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\  an exciting new programming language -- http://www.Zimbu.org        ///
 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///
