On Sat, Apr 30, 2016 at 01:17:22PM +0200, Bram Moolenaar wrote:
>
> Anton Lindqvist wrote:
>
> > I managed to crash Vim yesterday due to a off-by-one allocation bug
> > related to the quickfix changes. Fixed in the attached patch.
>
> Well, if I run test_quickfix after including this patch, Vim crashes.
> I found that a statement was missing, setting linelen to len.
> I did some minor cleanups.

Nice catch!

> I'll include it now. However, the code to increase the size of the
> buffer is repeated three times, would be nice to put it in one place.

Here's a proposal:

    /*
     * Make "buf" at least "*newsiz" bytes, clamping the request to
     * LINE_MAXLEN - 1. Updates "*bufsiz" on success, returns NULL on failure.
     */
    static char_u *
    buffer_alloc(char_u *buf, int *bufsiz, int *newsiz)
    {
        if (*newsiz > LINE_MAXLEN)
            *newsiz = LINE_MAXLEN - 1;
        if (buf == NULL)
        {
            /* first use: allocate a fresh buffer */
            if ((buf = alloc(*newsiz)) == NULL)
                return NULL;
        }
        else
        {
            /* existing buffer is already large enough */
            if (*newsiz < *bufsiz)
                return buf;
            if ((buf = vim_realloc(buf, *newsiz)) == NULL)
                return NULL;
        }
        /* allocation succeeded */
        *bufsiz = *newsiz;
        return buf;
    }

Then the following logic:

    linelen = len > LINE_MAXLEN ? LINE_MAXLEN - 1 : len;
    if (growbuf == NULL)
    {
        growbuf = alloc(linelen);
        growbufsiz = linelen;
    }
    else if (linelen > growbufsiz)
    {
        growbuf = vim_realloc(growbuf, linelen);
        if (growbuf == NULL)
            goto qf_init_end;
        growbufsiz = linelen;
    }
    linebuf = growbuf;

... could be replaced with:

    linelen = len;
    if ((growbuf = buffer_alloc(growbuf, &growbufsiz, &linelen)) == NULL)
        goto qf_init_end;

Would you like me to submit such a patch?

--
:wq
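
Added example, not part of the e-mail above and not Vim code: a stand-alone variant of the grow-on-demand helper that reports failure through a status code, so a failed reallocation does not overwrite the caller's only pointer to the old block the way `growbuf = buffer_alloc(growbuf, ...)` would if the allocator behaves like standard `realloc()`. The name `buffer_grow`, the `grow_realloc` hook, the `LINE_MAXLEN` value and the use of plain `realloc()` in place of `vim_realloc()` are assumptions made for this example.

```c
#include <stdlib.h>
#include <string.h>

#define LINE_MAXLEN 4096 /* assumed for this example; not given in the e-mail */
/* Hypothetical allocator hook so the failure path can be exercised. */
static void *(*grow_realloc)(void *, size_t) = realloc;

/* Make *buf at least *want bytes. As in the proposal, a request above
 * LINE_MAXLEN is clamped to LINE_MAXLEN - 1 and written back to *want.
 * Returns 1 on success; returns 0 on allocation failure and leaves *buf and
 * *bufsiz untouched, so the caller still owns (and can free) the old block. */
static int buffer_grow(char **buf, size_t *bufsiz, size_t *want)
{
    char *p;
    if (*want > LINE_MAXLEN)
        *want = LINE_MAXLEN - 1;
    if (*want == 0)
        *want = 1; /* realloc(p, 0) is implementation-defined; avoid it */
    if (*buf != NULL && *want <= *bufsiz)
        return 1; /* already large enough */
    p = grow_realloc(*buf, *want); /* realloc(NULL, n) behaves like malloc(n) */
    if (p == NULL)
        return 0;
    *buf = p;
    *bufsiz = *want;
    return 1;
}

/* Test double: an allocator that always fails. */
static void *failing_realloc(void *p, size_t n) { (void)p; (void)n; return NULL; }

/* Constructed scenario: grow to 16 bytes, then fail while growing to 64.
 * Returns 1 if the 16-byte buffer and its contents are intact afterwards. */
static int old_buffer_survives_failure(void)
{
    char *buf = NULL;
    size_t siz = 0, want = 16;
    int ok;
    if (!buffer_grow(&buf, &siz, &want))
        return 0;
    memcpy(buf, "quickfix", 9); /* 8 characters plus the terminating NUL */
    grow_realloc = failing_realloc;
    want = 64;
    ok = !buffer_grow(&buf, &siz, &want) && siz == 16 && !strcmp(buf, "quickfix");
    grow_realloc = realloc;
    free(buf);
    return ok;
}

int main(void) { return old_buffer_survives_failure() ? 0 : 1; }
```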