44 lines
1.2 KiB
Diff
44 lines
1.2 KiB
Diff
diff --git a/src/structs.h b/src/structs.h
|
|
index 5b88260..e8f5db3 100644
|
|
--- a/src/structs.h
|
|
+++ b/src/structs.h
|
|
@@ -5026,3 +5026,7 @@ typedef struct {
|
|
linenr_T spv_capcol_lnum; // line number for "cap_col"
|
|
#endif
|
|
} spellvars_T;
|
|
+
|
|
+// Return the length of a string literal
|
|
+#define STRLEN_LITERAL(s) (sizeof(s) - 1)
|
|
+
|
|
diff --git a/src/tag.c b/src/tag.c
|
|
index 893415f..2e7a74d 100644
|
|
--- a/src/tag.c
|
|
+++ b/src/tag.c
|
|
@@ -3344,7 +3344,7 @@ get_tagfname(
|
|
if (tnp->tn_hf_idx > tag_fnames.ga_len || *p_hf == NUL)
|
|
return FAIL;
|
|
++tnp->tn_hf_idx;
|
|
- STRCPY(buf, p_hf);
|
|
+ vim_strncpy(buf, p_hf, MAXPATHL - 1);
|
|
STRCPY(gettail(buf), "tags");
|
|
#ifdef BACKSLASH_IN_FILENAME
|
|
slash_adjust(buf);
|
|
diff --git a/src/testdir/test_help.vim b/src/testdir/test_help.vim
|
|
index 6c8b3ab..bf15a42 100644
|
|
--- a/src/testdir/test_help.vim
|
|
+++ b/src/testdir/test_help.vim
|
|
@@ -205,5 +205,13 @@ func Test_help_using_visual_match()
|
|
call v9.CheckScriptFailure(lines, 'E149:')
|
|
endfunc
|
|
|
|
+" This caused a buffer overflow
|
|
+func Test_helpfile_overflow()
|
|
+ let _helpfile = &helpfile
|
|
+ let &helpfile = repeat('A', 5000)
|
|
+ help
|
|
+ helpclose
|
|
+ let &helpfile = _helpfile
|
|
+endfunc
|
|
|
|
" vim: shiftwidth=2 sts=2 expandtab
|