vim/0001-patch-8.2.4120-block-insert-goes-over-the-end-of-the.patch

96 lines
2.8 KiB
Diff
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

diff -up vim80/src/ops.c.cve0261 vim80/src/ops.c
--- vim80/src/ops.c.cve0261 2022-01-26 14:30:27.475308323 +0100
+++ vim80/src/ops.c 2022-01-26 14:34:16.650933713 +0100
@@ -636,23 +636,30 @@ block_insert(
if (b_insert)
{
off = (*mb_head_off)(oldp, oldp + offset + spaces);
+ spaces -= off;
+ count -= off;
}
else
{
- off = (*mb_off_next)(oldp, oldp + offset);
- offset += off;
+ // spaces fill the gap, the character that's at the edge moves
+ // right
+ off = (*mb_head_off)(oldp, oldp + offset);
+ offset -= off;
}
spaces -= off;
count -= off;
}
#endif
- newp = alloc_check((unsigned)(STRLEN(oldp)) + s_len + count + 1);
+ // Make sure the allocated size matches what is actually copied below.
+ newp = alloc(STRLEN(oldp) + spaces + s_len
+ + (spaces > 0 && !bdp->is_short ? p_ts - spaces : 0)
+ + count + 1);
if (newp == NULL)
continue;
/* copy up to shifted part */
- mch_memmove(newp, oldp, (size_t)(offset));
+ mch_memmove(newp, oldp, (size_t)offset);
oldp += offset;
/* insert pre-padding */
@@ -662,14 +669,21 @@ block_insert(
mch_memmove(newp + offset + spaces, s, (size_t)s_len);
offset += s_len;
- if (spaces && !bdp->is_short)
+ if (spaces > 0 && !bdp->is_short)
{
- /* insert post-padding */
- vim_memset(newp + offset + spaces, ' ', (size_t)(p_ts - spaces));
- /* We're splitting a TAB, don't copy it. */
- oldp++;
- /* We allowed for that TAB, remember this now */
- count++;
+ if (*oldp == TAB)
+ {
+ // insert post-padding
+ vim_memset(newp + offset + spaces, ' ',
+ (size_t)(p_ts - spaces));
+ // we're splitting a TAB, don't copy it
+ oldp++;
+ // We allowed for that TAB, remember this now
+ count++;
+ }
+ else
+ // Not a TAB, no extra spaces
+ count = spaces;
}
if (spaces > 0)
@@ -2738,9 +2752,9 @@ op_insert(oparg_T *oap, long count1)
oap->start_vcol = t;
}
else if (oap->op_type == OP_APPEND
- && oap->end.col
+ && oap->start.col
#ifdef FEAT_VIRTUALEDIT
- + oap->end.coladd
+ + oap->start.coladd
#endif
>= curbuf->b_op_start_orig.col
#ifdef FEAT_VIRTUALEDIT
diff -up vim80/src/testdir/test_visual.vim.cve0261 vim80/src/testdir/test_visual.vim
--- vim80/src/testdir/test_visual.vim.cve0261 2022-01-26 14:30:27.476308325 +0100
+++ vim80/src/testdir/test_visual.vim 2022-01-26 14:36:03.482225225 +0100
@@ -254,3 +254,12 @@ func Test_virtual_replace2()
%d_
set bs&vim
endfunc
+
+func Test_visual_block_append_invalid_char()
+ " this was going over the end of the line
+ new
+ call setline(1, [' let xxx', 'xxxxxˆ', 'xxxxxxxxxxx'])
+ exe "normal 0\<C-V>jjA-\<Esc>"
+ call assert_equal([' - let xxx', 'xxxxx -ˆ', 'xxxxxxxx-xxx'], getline(1, 3))
+ bwipe!
+endfunc