patch 8.2.2515: memory access error when truncating an empty message

Problem:    Memory access error when truncating an empty message.
Solution:   Check for an empty string. (Dominique Pellé, closes #7841)

diff --git a/src/message.c b/src/message.c
index 8adc224115ecaedb6a7c70847b0ad58dc94c0f07..012811f9cf173b673d4313f2a960489440f3e694 100644 (file)
--- a/src/message.c
+++ b/src/message.c
@@ -248,6 +248,13 @@ trunc_string(
     int                i;
     int                n;
 
+    if (*s == NUL)
+    {
+       if (buflen > 0)
+           *buf = NUL;
+       return;
+    }
+
     if (room_in < 3)
        room = 0;
     half = room / 2;

diff --git a/src/message_test.c b/src/message_test.c
index 85a29b4712828a694158352a45a881cf5c6738a1..88335de26cb3bd93fe2f0f548f048440556ab051 100644 (file)
--- a/src/message_test.c
+++ b/src/message_test.c
@@ -49,6 +49,15 @@ test_trunc_string(void)
     char_u  *buf; /*allocated every time to find uninit errors */
     char_u  *s;
 
+    // Should not write anything to destination if buflen is 0.
+    trunc_string((char_u *)"", NULL, 1, 0);
+
+    // Truncating an empty string does nothing.
+    buf = alloc(1);
+    trunc_string((char_u *)"", buf, 1, 1);
+    assert(buf[0] == NUL);
+    vim_free(buf);
+
     // in place
     buf = alloc(40);
     STRCPY(buf, "text");

diff --git a/src/version.c b/src/version.c
index 21316e267f94f270ed876b5226e628644be80f7e..f856d83a5d36753d792c7411771efa956e319cf4 100644 (file)
--- a/src/version.c
+++ b/src/version.c
@@ -750,6 +750,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    2515,
 /**/
     2514,
 /**/