2016-07-17 23:25 GMT+03:00 Bram Moolenaar <[email protected]>:
>
> Patch 7.4.2064
> Problem: Coverity warns for possible buffer overflow.
> Solution: Use vim_strcat() instead of strcat().
> Files: src/quickfix.c
>
>
> *** ../vim-7.4.2063/src/quickfix.c 2016-07-17 19:25:00.964690765 +0200
> --- src/quickfix.c 2016-07-17 22:19:02.545753576 +0200
> ***************
> *** 2595,2601 ****
> {
> while (STRLEN(buf) < 34)
> STRCAT(buf, " ");
> ! STRCAT(buf, title);
> }
> trunc_string(buf, buf, Columns - 1, IOSIZE);
> msg(buf);
> --- 2595,2601 ----
> {
> while (STRLEN(buf) < 34)
> STRCAT(buf, " ");
> ! vim_strcat(buf, title, IOSIZE);
This is rather inefficient code on its own. I would suggest using something like
const size_t buf_len = STRLEN(buf);
if (buf_len < 34)
{
memset(buf + buf_len, ' ', 34 - buf_len);
buf[34] = NUL;
}
vim_strcat(buf, title, IOSIZE);
(may also use memcpy() for vim_strcat(), but doing this properly is
going to take 3 additional lines).
> }
> trunc_string(buf, buf, Columns - 1, IOSIZE);
> msg(buf);
> *** ../vim-7.4.2063/src/version.c 2016-07-17 22:13:26.817095253 +0200
> --- src/version.c 2016-07-17 22:21:05.224531053 +0200
> ***************
> *** 760,761 ****
> --- 760,763 ----
> { /* Add new patch number below this line */
> + /**/
> + 2064,
> /**/
>
> --
> GUARD #1: Where'd you get the coconut?
> ARTHUR: We found them.
> GUARD #1: Found them? In Mercea? The coconut's tropical!
> ARTHUR: What do you mean?
> GUARD #1: Well, this is a temperate zone.
> The Quest for the Holy Grail (Monty Python)
>
> /// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\
> /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
> \\\ an exciting new programming language -- http://www.Zimbu.org ///
> \\\ help me help AIDS victims -- http://ICCF-Holland.org ///
>
> --
> --
> You received this message from the "vim_dev" maillist.
> Do not top-post! Type your reply below the text you are replying to.
> For more information, visit http://www.vim.org/maillist.php
>
> ---
> You received this message because you are subscribed to the Google Groups
> "vim_dev" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> For more options, visit https://groups.google.com/d/optout.
--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
