To: vim-dev@vim.org Subject: Patch 5.7.030 Fcc: outbox From: Bram Moolenaar ------------ Patch 5.7.030 Problem: A ":make" or ":grep" command with a very long argument could cause a crash. Solution: Allocate the buffer for the shell command. Files: src/ex_docmd.c *** ../vim-5.7.29/src/ex_docmd.c Mon Jan 29 21:37:18 2001 --- src/ex_docmd.c Tue Apr 24 17:00:42 2001 *************** *** 4059,4064 **** --- 4062,4069 ---- char_u *errorformat; { char_u *name; + char_u *cmd; + unsigned len; autowrite_all(); name = get_mef_name(TRUE); *************** *** 4069,4078 **** /* * If 'shellpipe' empty: don't redirect to 'errorfile'. */ if (*p_sp == NUL) ! sprintf((char *)IObuff, "%s%s%s", p_shq, arg, p_shq); else ! sprintf((char *)IObuff, "%s%s%s %s %s", p_shq, arg, p_shq, p_sp, name); /* * Output a newline if there's something else than the :make command that * was typed (in which case the cursor is in column 0). --- 4074,4089 ---- /* * If 'shellpipe' empty: don't redirect to 'errorfile'. */ + len = STRLEN(p_shq) * 2 + STRLEN(arg) + 1; + if (*p_sp != NUL) + len += STRLEN(p_sp) + STRLEN(name) + 2; + cmd = alloc(len); + if (cmd == NULL) + return; if (*p_sp == NUL) ! sprintf((char *)cmd, "%s%s%s", p_shq, arg, p_shq); else ! sprintf((char *)cmd, "%s%s%s %s %s", p_shq, arg, p_shq, p_sp, name); /* * Output a newline if there's something else than the :make command that * was typed (in which case the cursor is in column 0). *************** *** 4080,4089 **** if (msg_col != 0) msg_putchar('\n'); MSG_PUTS(":!"); ! msg_outtrans(IObuff); /* show what we are doing */ /* let the shell know if we are redirecting output or not */ ! do_shell(IObuff, *p_sp ? SHELL_DOOUT : 0); #ifdef AMIGA out_flush(); --- 4091,4100 ---- if (msg_col != 0) msg_putchar('\n'); MSG_PUTS(":!"); ! msg_outtrans(cmd); /* show what we are doing */ /* let the shell know if we are redirecting output or not */ ! do_shell(cmd, *p_sp != NUL ? SHELL_DOOUT : 0); #ifdef AMIGA out_flush(); *************** *** 4096,4101 **** --- 4107,4113 ---- mch_remove(name); vim_free(name); + vim_free(cmd); } /* *** ../vim-5.7.29/src/version.c Tue Apr 24 10:30:03 2001 --- src/version.c Tue Apr 24 17:05:49 2001 *************** *** 439,440 **** --- 439,442 ---- { /* Add new patch number below this line */ + /**/ + 30, /**/ -- A poem: read aloud: <> !*''# Waka waka bang splat tick tick hash, ^"`$$- Caret quote back-tick dollar dollar dash, !*=@$_ Bang splat equal at dollar under-score, %*<> ~#4 Percent splat waka waka tilde number four, &[]../ Ampersand bracket bracket dot dot slash, |{,,SYSTEM HALTED Vertical-bar curly-bracket comma comma CRASH. Fred Bremmer and Steve Kroese (Calvin College & Seminary of Grand Rapids, MI.) /// Bram Moolenaar -- Bram@moolenaar.net -- http://www.moolenaar.net \\\ ((( Creator of Vim - http://www.vim.org -- ftp://ftp.vim.org/pub/vim ))) \\\ Help me helping AIDS orphans in Uganda - http://iccf-holland.org ///