From: Bram Moolenaar Date: Wed, 3 Jun 2020 16:55:38 +0000 (+0200) Subject: patch 8.2.0892: ubsan warns for undefined behavior X-Git-Tag: v8.2.0892 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c5acc0f7fed6b061d994fc5ac660dcc0312750bd;p=thirdparty%2Fvim.git patch 8.2.0892: ubsan warns for undefined behavior Problem: Ubsan warns for undefined behavior. Solution: Use unsigned instead of signed variable. (Dominique Pelle, closes #6193) --- diff --git a/src/regexp_nfa.c b/src/regexp_nfa.c index 26a8f356b1..465797dd3e 100644 --- a/src/regexp_nfa.c +++ b/src/regexp_nfa.c @@ -246,6 +246,7 @@ static int nfa_classcodes[] = { static char_u e_nul_found[] = N_("E865: (NFA) Regexp end encountered prematurely"); static char_u e_misplaced[] = N_("E866: (NFA regexp) Misplaced %c"); static char_u e_ill_char_class[] = N_("E877: (NFA regexp) Invalid character class: %d"); +static char_u e_value_too_large[] = N_("E951: \\% value too large"); // Variables only used in nfa_regcomp() and descendants. static int nfa_re_flags; // re_flags passed to nfa_regcomp() @@ -1541,19 +1542,27 @@ nfa_regatom(void) default: { - long n = 0; + long_u n = 0; int cmp = c; if (c == '<' || c == '>') c = getchr(); while (VIM_ISDIGIT(c)) { - n = n * 10 + (c - '0'); + long_u tmp = n * 10 + (c - '0'); + + if (tmp < n) + { + // overflow. + emsg(_(e_value_too_large)); + return FAIL; + } + n = tmp; c = getchr(); } if (c == 'l' || c == 'c' || c == 'v') { - int limit = INT_MAX; + long_u limit = INT_MAX; if (c == 'l') { @@ -1576,7 +1585,7 @@ nfa_regatom(void) } if (n >= limit) { - emsg(_("E951: \\% value too large")); + emsg(_(e_value_too_large)); return FAIL; } EMIT((int)n); diff --git a/src/version.c b/src/version.c index b0fd4b3de8..a241fa0a2a 100644 --- a/src/version.c +++ b/src/version.c @@ -746,6 +746,8 @@ static char *(features[]) = static int included_patches[] = { /* Add new patch number below this line */ +/**/ + 892, /**/ 891, /**/