Loading ...
Sorry, an error occurred while loading the content.

[patch] fixed access beyond end of array

Expand Messages
  • Dominique PellĂ©
    Hi Comment at the top of function line_count_info(...) in src/ops.c says: The function will only examine the first limit characters in the line However,
    Message 1 of 2 , Aug 6, 2011
    • 0 Attachment
      Hi

      Comment at the top of function line_count_info(...) in src/ops.c says:

      'The function will only examine the first "limit" characters in the line'

      However, line ops.c:6314 can access beyond the first "limit" characters:

      6314 if (line[i] == NUL && i < limit)

      The 2 conditions should be swapped.

      Bug was found by static analyzer cppcheck available with:
      "git clone git://github.com/danmar/cppcheck.git".

      $ cd vim/src
      $ cppcheck -I . -I proto --enable=all ops.c
      ...
      [src/ops.c:6314]: (style) Array index i is used before limits check

      Regards
      -- Dominique

      --
      You received this message from the "vim_dev" maillist.
      Do not top-post! Type your reply below the text you are replying to.
      For more information, visit http://www.vim.org/maillist.php
    • Bram Moolenaar
      ... Thanks! -- The war between Emacs and Vi is over. Vi has won with 3 to 1. http://www.ssc.com/lg/issue30/raymond.html /// Bram Moolenaar --
      Message 2 of 2 , Aug 7, 2011
      • 0 Attachment
        Dominique wrote:

        > Comment at the top of function line_count_info(...) in src/ops.c says:
        >
        > 'The function will only examine the first "limit" characters in the line'
        >
        > However, line ops.c:6314 can access beyond the first "limit" characters:
        >
        > 6314 if (line[i] == NUL && i < limit)
        >
        > The 2 conditions should be swapped.
        >
        > Bug was found by static analyzer cppcheck available with:
        > "git clone git://github.com/danmar/cppcheck.git".
        >
        > $ cd vim/src
        > $ cppcheck -I . -I proto --enable=all ops.c
        > ...
        > [src/ops.c:6314]: (style) Array index i is used before limits check

        Thanks!

        --
        The war between Emacs and Vi is over. Vi has won with 3 to 1.
        http://www.ssc.com/lg/issue30/raymond.html

        /// Bram Moolenaar -- Bram@... -- http://www.Moolenaar.net \\\
        /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
        \\\ an exciting new programming language -- http://www.Zimbu.org ///
        \\\ help me help AIDS victims -- http://ICCF-Holland.org ///

        --
        You received this message from the "vim_dev" maillist.
        Do not top-post! Type your reply below the text you are replying to.
        For more information, visit http://www.vim.org/maillist.php
      Your message has been successfully submitted and would be delivered to recipients shortly.