To: vim-dev@vim.org Subject: Patch 7.2.250 (extra) Fcc: outbox From: Bram Moolenaar Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ------------ Patch 7.2.250 (extra) Problem: Possible buffer overflow. Solution: Compute the remaining space. (Dominique Pelle) Files: src/GvimExt/gvimext.cpp *** ../vim-7.2.249/src/GvimExt/gvimext.cpp 2008-07-24 20:51:11.000000000 +0200 --- src/GvimExt/gvimext.cpp 2009-09-11 13:26:27.000000000 +0200 *************** *** 635,641 **** } // Now concatenate strncpy(temp, _("Edit with existing Vim - "), BUFSIZE - 1); ! strncat(temp, title, BUFSIZE - 1); InsertMenu(hMenu, indexMenu++, MF_STRING|MF_BYPOSITION, --- 635,643 ---- } // Now concatenate strncpy(temp, _("Edit with existing Vim - "), BUFSIZE - 1); ! temp[BUFSIZE - 1] = '\0'; ! strncat(temp, title, BUFSIZE - 1 - strlen(temp)); ! temp[BUFSIZE - 1] = '\0'; InsertMenu(hMenu, indexMenu++, MF_STRING|MF_BYPOSITION, *** ../vim-7.2.249/src/version.c 2009-09-11 12:59:57.000000000 +0200 --- src/version.c 2009-09-11 13:23:45.000000000 +0200 *************** *** 678,679 **** --- 678,681 ---- { /* Add new patch number below this line */ + /**/ + 250, /**/ -- hundred-and-one symptoms of being an internet addict: 223. You set up a web-cam as your home's security system. /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ \\\ download, build and distribute -- http://www.A-A-P.org /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///