| Age | Commit message (Collapse) | Author |
|---|
|
Problem: is*() and to*() function may be unsafe
Solution: Add SAFE_* macros and start using those instead
(Keith Thompson)
Use SAFE_() macros for is*() and to*() functions
The standard is*() and to*() functions declared in <ctype.h> have
undefined behavior for negative arguments other than EOF. If plain char
is signed, passing an unchecked value from argv for from user input
to one of these functions has undefined behavior.
Solution: Add SAFE_*() macros that cast the argument to unsigned char.
Most implementations behave sanely for negative arguments, and most
character values in practice are non-negative, but it's still best
to avoid undefined behavior.
The change from #13347 has been omitted, as this has already been
separately fixed in commit ac709e2fc0db6d31abb7da96f743c40956b60c3a
(v9.0.2054)
fixes: #13332
closes: #13347
Signed-off-by: Keith Thompson <Keith.S.Thompson@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
|
|
Problem: [security] overflow in :history
Solution: Check that value fits into int
The get_list_range() function, used to parse numbers for the :history
and :clist command internally uses long variables to store the numbers.
However function arguments are integer pointers, which can then
overflow.
Check that the return value from the vim_str2nr() function is not larger
than INT_MAX and if yes, bail out with an error. I guess nobody uses a
cmdline/clist history that needs so many entries... (famous last words).
It is only a moderate vulnerability, so impact should be low.
Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-q22m-h7m2-9mgm
Signed-off-by: Christian Brabandt <cb@256bit.org>
|
|
Problem: Code uses too much indent.
Solution: Use an early return. (Yegappan Lakshmanan, closes #11747)
|
|
Problem: Coverity warns for dead code.
Solution: Remove the dead code.
|
|
Problem: Code is indented more than needed.
Solution: Return early. (Yegappan Lakshmanan, closes #11538)
|
|
Problem: Using static buffer for multiple completion functions.
Solution: Use one buffer in expand_T.
|
|
Problem: Various code not used when features are disabled.
Solution: Add #ifdefs. (Dominique Pellé, closes #9491)
|
|
Problem: Error messages are spread out.
Solution: Move more errors to errors.h.
|
|
Problem: Vim9: runtime and compile time type checks are not the same.
Solution: Add more runtime type checks for builtin functions. (Yegappan
Lakshmanan, closes #8646)
|
|
Problem: Vim9: argument types are not checked at compile time.
Solution: Add several more type checks. (Yegappan Lakshmanan, closes #8611)
|
|
Problem: Vim9: argument types are not checked at compile time.
Solution: Add several more type checks, also at runtime. (Yegappan
Lakshmanan, closes #8587)
|
|
Problem: Vim9: argument types are not checked at compile time.
Solution: Add more type checks. (Yegappan Lakshmanan, closes #8560)
|
|
Problem: Computing array length is done in various ways.
Solution: Use ARRAY_LENGTH everywhere. (Ken Takata, closes #8305)
|
|
Problem: Command modifier parsing always uses global cmdmod.
Solution: Pass in cmdmod_T to use. Rename struct fields consistently.
|
|
Problem: The "trailing characters" error can be hard to understand.
Solution: Add the trailing characters to the message.
|
|
Problem: ex_getln.c code has insufficient test coverage.
Solution: Add more tests. Fix a problem. (Yegappan Lakshmanan, closes #5693)
|
|
Problem: The +cmdline_compl feature is not in the tiny version.
Solution: Graduate the +cmdline_compl feature.
|
|
Problem: Command line history code is spread out.
Solution: Put the code in a new file. (Yegappan Lakshmanan, closes #4779)
Also graduate the +cmdline_hist feature.
|
