diff options
Diffstat (limited to 'source/ap/vim/patches/7.3.160')
-rw-r--r-- | source/ap/vim/patches/7.3.160 | 482 |
1 files changed, 482 insertions, 0 deletions
diff --git a/source/ap/vim/patches/7.3.160 b/source/ap/vim/patches/7.3.160 new file mode 100644 index 00000000..bf3a069f --- /dev/null +++ b/source/ap/vim/patches/7.3.160 @@ -0,0 +1,482 @@ +To: vim_dev@googlegroups.com +Subject: Patch 7.3.160 +Fcc: outbox +From: Bram Moolenaar <Bram@moolenaar.net> +Mime-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit +------------ + +Patch 7.3.160 +Problem: Unsafe string copying. +Solution: Use vim_strncpy() instead of strcpy(). Use vim_strcat() instead + of strcat(). +Files: src/buffer.c, src/ex_docmd.c, src/hardcopy.c, src/menu.c, + src/misc1.c, src/misc2.c, src/proto/misc2.pro, src/netbeans.c, + src/os_unix.c, src/spell.c, src/syntax.c, src/tag.c + +*** ../vim-7.3.159/src/buffer.c 2011-02-15 14:24:42.000000000 +0100 +--- src/buffer.c 2011-04-11 16:08:38.000000000 +0200 +*************** +*** 3176,3182 **** + /* format: "fname + (path) (1 of 2) - VIM" */ + + if (curbuf->b_fname == NULL) +! STRCPY(buf, _("[No Name]")); + else + { + p = transstr(gettail(curbuf->b_fname)); +--- 3176,3182 ---- + /* format: "fname + (path) (1 of 2) - VIM" */ + + if (curbuf->b_fname == NULL) +! vim_strncpy(buf, (char_u *)_("[No Name]"), IOSIZE - 100); + else + { + p = transstr(gettail(curbuf->b_fname)); +*************** +*** 3232,3238 **** + if (serverName != NULL) + { + STRCAT(buf, " - "); +! STRCAT(buf, serverName); + } + else + #endif +--- 3232,3238 ---- + if (serverName != NULL) + { + STRCAT(buf, " - "); +! vim_strcat(buf, serverName, IOSIZE); + } + else + #endif +*** ../vim-7.3.159/src/ex_docmd.c 2011-03-03 15:54:45.000000000 +0100 +--- src/ex_docmd.c 2011-04-11 15:43:48.000000000 +0200 +*************** +*** 5096,5102 **** + char_u buff[IOSIZE]; + + if (n == 1) +! STRCPY(buff, _("1 more file to edit. Quit anyway?")); + else + vim_snprintf((char *)buff, IOSIZE, + _("%d more files to edit. Quit anyway?"), n); +--- 5096,5104 ---- + char_u buff[IOSIZE]; + + if (n == 1) +! vim_strncpy(buff, +! (char_u *)_("1 more file to edit. Quit anyway?"), +! IOSIZE - 1); + else + vim_snprintf((char *)buff, IOSIZE, + _("%d more files to edit. Quit anyway?"), n); +*** ../vim-7.3.159/src/hardcopy.c 2010-08-15 21:57:25.000000000 +0200 +--- src/hardcopy.c 2011-04-11 15:30:09.000000000 +0200 +*************** +*** 1761,1772 **** + { + char_u buffer[MAXPATHL + 1]; + +! STRCPY(resource->name, name); + /* Look for named resource file in runtimepath */ + STRCPY(buffer, "print"); + add_pathsep(buffer); +! STRCAT(buffer, name); +! STRCAT(buffer, ".ps"); + resource->filename[0] = NUL; + return (do_in_runtimepath(buffer, FALSE, prt_resource_name, + resource->filename) +--- 1761,1772 ---- + { + char_u buffer[MAXPATHL + 1]; + +! vim_strncpy(resource->name, (char_u *)name, 63); + /* Look for named resource file in runtimepath */ + STRCPY(buffer, "print"); + add_pathsep(buffer); +! vim_strcat(buffer, (char_u *)name, MAXPATHL); +! vim_strcat(buffer, (char_u *)".ps", MAXPATHL); + resource->filename[0] = NUL; + return (do_in_runtimepath(buffer, FALSE, prt_resource_name, + resource->filename) +*** ../vim-7.3.159/src/menu.c 2011-01-04 17:49:25.000000000 +0100 +--- src/menu.c 2011-04-11 15:17:21.000000000 +0200 +*************** +*** 1394,1400 **** + int idx; + { + static vimmenu_T *menu = NULL; +! static char_u tbuffer[256]; /*hack*/ + char_u *str; + #ifdef FEAT_MULTI_LANG + static int should_advance = FALSE; +--- 1394,1401 ---- + int idx; + { + static vimmenu_T *menu = NULL; +! #define TBUFFER_LEN 256 +! static char_u tbuffer[TBUFFER_LEN]; /*hack*/ + char_u *str; + #ifdef FEAT_MULTI_LANG + static int should_advance = FALSE; +*************** +*** 1428,1438 **** + { + #ifdef FEAT_MULTI_LANG + if (should_advance) +! STRCPY(tbuffer, menu->en_dname); + else + { + #endif +! STRCPY(tbuffer, menu->dname); + #ifdef FEAT_MULTI_LANG + if (menu->en_dname == NULL) + should_advance = TRUE; +--- 1429,1439 ---- + { + #ifdef FEAT_MULTI_LANG + if (should_advance) +! vim_strncpy(tbuffer, menu->en_dname, TBUFFER_LEN - 2); + else + { + #endif +! vim_strncpy(tbuffer, menu->dname, TBUFFER_LEN - 2); + #ifdef FEAT_MULTI_LANG + if (menu->en_dname == NULL) + should_advance = TRUE; +*** ../vim-7.3.159/src/misc1.c 2011-04-11 14:27:34.000000000 +0200 +--- src/misc1.c 2011-04-11 16:03:22.000000000 +0200 +*************** +*** 3332,3350 **** + if (pn == 1) + { + if (n > 0) +! STRCPY(msg_buf, _("1 more line")); + else +! STRCPY(msg_buf, _("1 line less")); + } + else + { + if (n > 0) +! sprintf((char *)msg_buf, _("%ld more lines"), pn); + else +! sprintf((char *)msg_buf, _("%ld fewer lines"), pn); + } + if (got_int) +! STRCAT(msg_buf, _(" (Interrupted)")); + if (msg(msg_buf)) + { + set_keep_msg(msg_buf, 0); +--- 3332,3354 ---- + if (pn == 1) + { + if (n > 0) +! vim_strncpy(msg_buf, (char_u *)_("1 more line"), +! MSG_BUF_LEN - 1); + else +! vim_strncpy(msg_buf, (char_u *)_("1 line less"), +! MSG_BUF_LEN - 1); + } + else + { + if (n > 0) +! vim_snprintf((char *)msg_buf, MSG_BUF_LEN, +! _("%ld more lines"), pn); + else +! vim_snprintf((char *)msg_buf, MSG_BUF_LEN, +! _("%ld fewer lines"), pn); + } + if (got_int) +! vim_strcat(msg_buf, (char_u *)_(" (Interrupted)"), MSG_BUF_LEN); + if (msg(msg_buf)) + { + set_keep_msg(msg_buf, 0); +*** ../vim-7.3.159/src/misc2.c 2010-12-08 13:11:15.000000000 +0100 +--- src/misc2.c 2011-04-11 15:30:20.000000000 +0200 +*************** +*** 1647,1652 **** +--- 1647,1674 ---- + } + + /* ++ * Like strcat(), but make sure the result fits in "tosize" bytes and is ++ * always NUL terminated. ++ */ ++ void ++ vim_strcat(to, from, tosize) ++ char_u *to; ++ char_u *from; ++ size_t tosize; ++ { ++ size_t tolen = STRLEN(to); ++ size_t fromlen = STRLEN(from); ++ ++ if (tolen + fromlen + 1 > tosize) ++ { ++ mch_memmove(to + tolen, from, tosize - tolen - 1); ++ to[tosize - 1] = NUL; ++ } ++ else ++ STRCPY(to + tolen, from); ++ } ++ ++ /* + * Isolate one part of a string option where parts are separated with + * "sep_chars". + * The part is copied into "buf[maxlen]". +*** ../vim-7.3.159/src/proto/misc2.pro 2010-08-15 21:57:28.000000000 +0200 +--- src/proto/misc2.pro 2011-04-11 15:29:55.000000000 +0200 +*************** +*** 40,45 **** +--- 40,46 ---- + void copy_chars __ARGS((char_u *ptr, size_t count, int c)); + void del_trailing_spaces __ARGS((char_u *ptr)); + void vim_strncpy __ARGS((char_u *to, char_u *from, size_t len)); ++ void vim_strcat __ARGS((char_u *to, char_u *from, size_t tosize)); + int copy_option_part __ARGS((char_u **option, char_u *buf, int maxlen, char *sep_chars)); + void vim_free __ARGS((void *x)); + int vim_stricmp __ARGS((char *s1, char *s2)); +*** ../vim-7.3.159/src/netbeans.c 2011-04-01 15:33:54.000000000 +0200 +--- src/netbeans.c 2011-04-11 16:02:51.000000000 +0200 +*************** +*** 3914,3927 **** + } + else + { +! char_u ebuf[BUFSIZ]; + +! STRCPY(ebuf, (char_u *)_("E505: ")); +! STRCAT(ebuf, IObuff); +! STRCAT(ebuf, (char_u *)_("is read-only (add ! to override)")); +! STRCPY(IObuff, ebuf); +! nbdebug((" %s\n", ebuf )); +! emsg(IObuff); + } + } + +--- 3914,3925 ---- + } + else + { +! char_u msgbuf[IOSIZE]; + +! vim_snprintf((char *)msgbuf, IOSIZE, +! _("E505: %s is read-only (add ! to override)"), IObuff); +! nbdebug((" %s\n", msgbuf)); +! emsg(msgbuf); + } + } + +*** ../vim-7.3.159/src/os_unix.c 2011-02-15 17:39:14.000000000 +0100 +--- src/os_unix.c 2011-04-11 16:39:11.000000000 +0200 +*************** +*** 5725,5730 **** +--- 5725,5731 ---- + if (shell_style == STYLE_PRINT && !did_find_nul) + { + /* If there is a NUL, set did_find_nul, else set check_spaces */ ++ buffer[len] = NUL; + if (len && (int)STRLEN(buffer) < (int)len - 1) + did_find_nul = TRUE; + else +*************** +*** 6594,6600 **** + xterm_hints.x = 2; + return TRUE; + } +! if (mouse_code == NULL) + { + xterm_trace = 0; + return FALSE; +--- 6595,6601 ---- + xterm_hints.x = 2; + return TRUE; + } +! if (mouse_code == NULL || STRLEN(mouse_code) > 45) + { + xterm_trace = 0; + return FALSE; +*** ../vim-7.3.159/src/spell.c 2011-02-01 13:59:44.000000000 +0100 +--- src/spell.c 2011-04-11 15:50:40.000000000 +0200 +*************** +*** 6957,6963 **** + if (ae->ae_add == NULL) + *newword = NUL; + else +! STRCPY(newword, ae->ae_add); + p = word; + if (ae->ae_chop != NULL) + { +--- 6957,6963 ---- + if (ae->ae_add == NULL) + *newword = NUL; + else +! vim_strncpy(newword, ae->ae_add, MAXWLEN - 1); + p = word; + if (ae->ae_chop != NULL) + { +*************** +*** 6978,6984 **** + else + { + /* suffix: chop/add at the end of the word */ +! STRCPY(newword, word); + if (ae->ae_chop != NULL) + { + /* Remove chop string. */ +--- 6978,6984 ---- + else + { + /* suffix: chop/add at the end of the word */ +! vim_strncpy(newword, word, MAXWLEN - 1); + if (ae->ae_chop != NULL) + { + /* Remove chop string. */ +*************** +*** 8654,8660 **** + * Write the .sug file. + * Make the file name by changing ".spl" to ".sug". + */ +! STRCPY(fname, wfname); + len = (int)STRLEN(fname); + fname[len - 2] = 'u'; + fname[len - 1] = 'g'; +--- 8654,8660 ---- + * Write the .sug file. + * Make the file name by changing ".spl" to ".sug". + */ +! vim_strncpy(fname, wfname, MAXPATHL - 1); + len = (int)STRLEN(fname); + fname[len - 2] = 'u'; + fname[len - 1] = 'g'; +*************** +*** 10261,10267 **** + + /* The suggested word may replace only part of the bad word, add + * the not replaced part. */ +! STRCPY(wcopy, stp->st_word); + if (sug.su_badlen > stp->st_orglen) + vim_strncpy(wcopy + stp->st_wordlen, + sug.su_badptr + stp->st_orglen, +--- 10261,10267 ---- + + /* The suggested word may replace only part of the bad word, add + * the not replaced part. */ +! vim_strncpy(wcopy, stp->st_word, MAXWLEN); + if (sug.su_badlen > stp->st_orglen) + vim_strncpy(wcopy + stp->st_wordlen, + sug.su_badptr + stp->st_orglen, +*************** +*** 13162,13168 **** + pbad = badsound2; + } + +! if (lendiff > 0) + { + /* Add part of the bad word to the good word, so that we soundfold + * what replaces the bad word. */ +--- 13162,13168 ---- + pbad = badsound2; + } + +! if (lendiff > 0 && stp->st_wordlen + lendiff < MAXWLEN) + { + /* Add part of the bad word to the good word, so that we soundfold + * what replaces the bad word. */ +*************** +*** 13875,13881 **** + for (i = gap->ga_len - 1; i >= 0; --i) + { + /* Need to append what follows to check for "the the". */ +! STRCPY(longword, stp[i].st_word); + len = stp[i].st_wordlen; + vim_strncpy(longword + len, su->su_badptr + stp[i].st_orglen, + MAXWLEN - len); +--- 13875,13881 ---- + for (i = gap->ga_len - 1; i >= 0; --i) + { + /* Need to append what follows to check for "the the". */ +! vim_strncpy(longword, stp[i].st_word, MAXWLEN); + len = stp[i].st_wordlen; + vim_strncpy(longword + len, su->su_badptr + stp[i].st_orglen, + MAXWLEN - len); +*************** +*** 14221,14227 **** + *t = NUL; + } + else +! STRCPY(word, s); + + smp = (salitem_T *)slang->sl_sal.ga_data; + +--- 14221,14227 ---- + *t = NUL; + } + else +! vim_strncpy(word, s, MAXWLEN - 1); + + smp = (salitem_T *)slang->sl_sal.ga_data; + +*** ../vim-7.3.159/src/syntax.c 2011-04-02 15:12:45.000000000 +0200 +--- src/syntax.c 2011-04-11 15:44:30.000000000 +0200 +*************** +*** 8576,8583 **** + if (iarg & hl_attr_table[i]) + { + if (buf[0] != NUL) +! STRCAT(buf, ","); +! STRCAT(buf, hl_name_table[i]); + iarg &= ~hl_attr_table[i]; /* don't want "inverse" */ + } + } +--- 8576,8583 ---- + if (iarg & hl_attr_table[i]) + { + if (buf[0] != NUL) +! vim_strcat(buf, (char_u *)",", 100); +! vim_strcat(buf, (char_u *)hl_name_table[i], 100); + iarg &= ~hl_attr_table[i]; /* don't want "inverse" */ + } + } +*** ../vim-7.3.159/src/tag.c 2011-02-25 15:13:43.000000000 +0100 +--- src/tag.c 2011-04-11 15:34:59.000000000 +0200 +*************** +*** 806,812 **** + p = tag_full_fname(&tagp); + if (p == NULL) + continue; +! STRCPY(fname, p); + vim_free(p); + + /* +--- 806,812 ---- + p = tag_full_fname(&tagp); + if (p == NULL) + continue; +! vim_strncpy(fname, p, MAXPATHL); + vim_free(p); + + /* +*** ../vim-7.3.159/src/version.c 2011-04-11 14:29:13.000000000 +0200 +--- src/version.c 2011-04-11 16:50:53.000000000 +0200 +*************** +*** 716,717 **** +--- 716,719 ---- + { /* Add new patch number below this line */ ++ /**/ ++ 160, + /**/ + +-- +If someone questions your market projections, simply point out that your +target market is "People who are nuts" and "People who will buy any damn +thing". Nobody is going to tell you there aren't enough of those people +to go around. + (Scott Adams - The Dilbert principle) + + /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ +/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ +\\\ an exciting new programming language -- http://www.Zimbu.org /// + \\\ help me help AIDS victims -- http://ICCF-Holland.org /// |