Patch 8.2.4763
Problem: Using invalid pointer with "V:" in Ex mode.
Solution: Correctly handle the command being changed to "+".
Files: src/ex_docmd.c, src/testdir/test_ex_mode.vim
*** ../vim-8.2.4762/src/ex_docmd.c 2022-04-15 13:53:30.048708690 +0100
--- src/ex_docmd.c 2022-04-16 18:48:23.057704030 +0100
***************
*** 2783,2789 ****
--- 2783,2791 ----
cmdmod_T *cmod,
int skip_only)
{
+ char_u *orig_cmd = eap->cmd;
char_u *cmd_start = NULL;
+ int did_plus_cmd = FALSE;
char_u *p;
int starts_with_colon = FALSE;
int vim9script = in_vim9script();
***************
*** 2819,2824 ****
--- 2821,2827 ----
&& curwin->w_cursor.lnum < curbuf->b_ml.ml_line_count)
{
eap->cmd = (char_u *)"+";
+ did_plus_cmd = TRUE;
if (!skip_only)
ex_pressedreturn = TRUE;
}
***************
*** 3105,3117 ****
// Since the modifiers have been parsed put the colon on top of the
// space: "'<,'>mod cmd" -> "mod:'<,'>cmd
// Put eap->cmd after the colon.
! mch_memmove(cmd_start - 5, cmd_start, eap->cmd - cmd_start);
! eap->cmd -= 5;
! mch_memmove(eap->cmd - 1, ":'<,'>", 6);
}
else
! // no modifiers, move the pointer back
! eap->cmd -= 5;
}
return OK;
--- 3108,3136 ----
// Since the modifiers have been parsed put the colon on top of the
// space: "'<,'>mod cmd" -> "mod:'<,'>cmd
// Put eap->cmd after the colon.
! if (did_plus_cmd)
! {
! size_t len = STRLEN(cmd_start);
!
! // Special case: empty command may have been changed to "+":
! // "'<,'>mod" -> "mod'<,'>+
! mch_memmove(orig_cmd, cmd_start, len);
! STRCPY(orig_cmd + len, "'<,'>+");
! }
! else
! {
! mch_memmove(cmd_start - 5, cmd_start, eap->cmd - cmd_start);
! eap->cmd -= 5;
! mch_memmove(eap->cmd - 1, ":'<,'>", 6);
! }
}
else
! // No modifiers, move the pointer back.
! // Special case: empty command may have been changed to "+".
! if (did_plus_cmd)
! eap->cmd = (char_u *)"'<,'>+";
! else
! eap->cmd = orig_cmd;
}
return OK;
*** ../vim-8.2.4762/src/testdir/test_ex_mode.vim 2022-01-25
11:54:59.198464296 +0000
--- src/testdir/test_ex_mode.vim 2022-04-16 18:41:56.375130070 +0100
***************
*** 250,254 ****
--- 250,267 ----
bwipe!
endfunc
+ " This was accessing illegal memory when using "+" for eap->cmd.
+ func Test_empty_command_visual_mode()
+ let lines =<< trim END
+ r<sfile>
+ 0norm0V:
+ :qall!
+ END
+ call writefile(lines, 'Xexmodescript')
+ call assert_equal(1, RunVim([], [], '-u NONE -e -s -S Xexmodescript'))
+
+ call delete('Xexmodescript')
+ endfunc
+
" vim: shiftwidth=2 sts=2 expandtab
*** ../vim-8.2.4762/src/version.c 2022-04-16 16:49:20.370662695 +0100
--- src/version.c 2022-04-16 17:42:01.878236355 +0100
***************
*** 748,749 ****
--- 748,751 ----
{ /* Add new patch number below this line */
+ /**/
+ 4763,
/**/
--
All good vision statements are created by groups of people with bloated
bladders who would rather be doing anything else.
(Scott Adams - The Dilbert principle)
/// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\
/// \\\
\\\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/vim_dev/20220416175357.CB0E91C05DA%40moolenaar.net.
