To: vim_dev@googlegroups.com Subject: Patch 8.1.0325 Fcc: outbox From: Bram Moolenaar Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ------------ Patch 8.1.0325 Problem: Strings in swap file may not be NUL terminated. (Coverity) Solution: Limit the length of the used string. Files: src/memline.c *** ../vim-8.1.0324/src/memline.c 2018-08-21 21:09:02.598739663 +0200 --- src/memline.c 2018-08-23 22:59:10.070904878 +0200 *************** *** 2065,2074 **** else { /* we have swap information */ ! dict_add_string(d, "version", vim_strsave(b0.b0_version)); ! dict_add_string(d, "user", vim_strsave(b0.b0_uname)); ! dict_add_string(d, "host", vim_strsave(b0.b0_hname)); ! dict_add_string(d, "fname", vim_strsave(b0.b0_fname)); dict_add_number(d, "pid", char_to_long(b0.b0_pid)); dict_add_number(d, "mtime", char_to_long(b0.b0_mtime)); --- 2065,2077 ---- else { /* we have swap information */ ! dict_add_string(d, "version", vim_strnsave(b0.b0_version, 10)); ! dict_add_string(d, "user", ! vim_strnsave(b0.b0_uname, B0_UNAME_SIZE)); ! dict_add_string(d, "host", ! vim_strnsave(b0.b0_hname, B0_HNAME_SIZE)); ! dict_add_string(d, "fname", ! vim_strnsave(b0.b0_fname, B0_FNAME_SIZE_ORG)); dict_add_number(d, "pid", char_to_long(b0.b0_pid)); dict_add_number(d, "mtime", char_to_long(b0.b0_mtime)); *** ../vim-8.1.0324/src/version.c 2018-08-23 22:51:30.882144095 +0200 --- src/version.c 2018-08-23 23:00:19.290441550 +0200 *************** *** 796,797 **** --- 796,799 ---- { /* Add new patch number below this line */ + /**/ + 325, /**/ -- If you had to identify, in one word, the reason why the human race has not achieved, and never will achieve, its full potential, that word would be "meetings." /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ \\\ an exciting new programming language -- http://www.Zimbu.org /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///