Patch 7.4.1445
Problem: Memory corruption when 'encoding' is not utf-8.
Solution: Convert decoded string later.
Files: src/json.c
*** ../vim-7.4.1444/src/json.c 2016-02-27 22:59:37.592212164 +0100
--- src/json.c 2016-02-28 14:47:21.613271420 +0100
***************
*** 86,91 ****
--- 86,93 ----
if (!enc_utf8)
{
+ /* Convert the text from 'encoding' to utf-8, the JSON string is
+ * always utf-8. */
conv.vc_type = CONV_NONE;
convert_setup(&conv, p_enc, (char_u*)"utf-8");
if (conv.vc_type != CONV_NONE)
***************
*** 534,566 ****
int c;
long nr;
char_u buf[NUMBUFLEN];
- #if defined(FEAT_MBYTE) && defined(USE_ICONV)
- vimconv_T conv;
- char_u *converted = NULL;
- #endif
if (res != NULL)
ga_init2(&ga, 1, 200);
p = reader->js_buf + reader->js_used + 1; /* skip over " */
- #if defined(FEAT_MBYTE) && defined(USE_ICONV)
- if (!enc_utf8)
- {
- conv.vc_type = CONV_NONE;
- convert_setup(&conv, (char_u*)"utf-8", p_enc);
- if (conv.vc_type != CONV_NONE)
- converted = p = string_convert(&conv, p, NULL);
- convert_setup(&conv, NULL, NULL);
- }
- #endif
while (*p != '"')
{
if (*p == NUL || p[1] == NUL
#ifdef FEAT_MBYTE
|| utf_ptr2len(p) < utf_byte2len(*p)
#endif
)
{
if (reader->js_fill == NULL)
break;
len = (int)(reader->js_end - p);
--- 536,558 ----
int c;
long nr;
char_u buf[NUMBUFLEN];
if (res != NULL)
ga_init2(&ga, 1, 200);
p = reader->js_buf + reader->js_used + 1; /* skip over " */
while (*p != '"')
{
+ /* The JSON is always expected to be utf-8, thus use utf functions
+ * here. The string is converted below if needed. */
if (*p == NUL || p[1] == NUL
#ifdef FEAT_MBYTE
|| utf_ptr2len(p) < utf_byte2len(*p)
#endif
)
{
+ /* Not enough bytes to make a character or end of the string. Get
+ * more if possible. */
if (reader->js_fill == NULL)
break;
len = (int)(reader->js_end - p);
***************
*** 652,660 ****
if (ga_grow(&ga, len) == FAIL)
{
ga_clear(&ga);
- #if defined(FEAT_MBYTE) && defined(USE_ICONV)
- vim_free(converted);
- #endif
return FAIL;
}
mch_memmove((char *)ga.ga_data + ga.ga_len, p, (size_t)len);
--- 644,649 ----
***************
*** 663,671 ****
p += len;
}
}
- #if defined(FEAT_MBYTE) && defined(USE_ICONV)
- vim_free(converted);
- #endif
reader->js_used = (int)(p - reader->js_buf);
if (*p == '"')
--- 652,657 ----
***************
*** 674,680 ****
if (res != NULL)
{
res->v_type = VAR_STRING;
! res->vval.v_string = ga.ga_data;
}
return OK;
}
--- 660,684 ----
if (res != NULL)
{
res->v_type = VAR_STRING;
! #if defined(FEAT_MBYTE) && defined(USE_ICONV)
! if (!enc_utf8)
! {
! vimconv_T conv;
!
! /* Convert the utf-8 string to 'encoding'. */
! conv.vc_type = CONV_NONE;
! convert_setup(&conv, (char_u*)"utf-8", p_enc);
! if (conv.vc_type != CONV_NONE)
! {
! res->vval.v_string =
! string_convert(&conv, ga.ga_data, NULL);
! vim_free(ga.ga_data);
! }
! convert_setup(&conv, NULL, NULL);
! }
! else
! #endif
! res->vval.v_string = ga.ga_data;
}
return OK;
}
*** ../vim-7.4.1444/src/version.c 2016-02-27 22:59:37.592212164 +0100
--- src/version.c 2016-02-28 14:51:43.002538523 +0100
***************
*** 745,746 ****
--- 745,748 ----
{ /* Add new patch number below this line */
+ /**/
+ 1445,
/**/
--
[The rest of the ARMY stand around looking at a loss.]
INSPECTOR END OF FILM: (picks up megaphone) All right! Clear off! Go on!
"Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD
/// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
