Patch 7.3.809
Problem: The dosinst.c program has a buffer overflow. (Thomas Gwae)
Solution: Ignore $VIMRUNTIME if it is too long.
Files: src/dosinst.c
*** ../vim-7.3.808/src/dosinst.c 2010-08-15 21:57:28.000000000 +0200
--- src/dosinst.c 2013-02-13 14:34:25.000000000 +0100
***************
*** 375,381 ****
/* First get $VIMRUNTIME. If it's set, remove the tail. */
vim = getenv("VIMRUNTIME");
! if (vim != NULL && *vim != 0)
{
strcpy(buf, vim);
remove_tail(buf);
--- 375,381 ----
/* First get $VIMRUNTIME. If it's set, remove the tail. */
vim = getenv("VIMRUNTIME");
! if (vim != NULL && *vim != 0 && strlen(vim) < BUFSIZE)
{
strcpy(buf, vim);
remove_tail(buf);
*** ../vim-7.3.808/src/version.c 2013-02-13 14:17:00.000000000 +0100
--- src/version.c 2013-02-13 14:36:33.000000000 +0100
***************
*** 727,728 ****
--- 727,730 ----
{ /* Add new patch number below this line */
+ /**/
+ 809,
/**/
--
"I know that there are people who don't love their fellow man,
and I hate those people!" - Tom Lehrer
/// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
