mirrors/neovim
1
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2026-03-31 04:42:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(typval): allocated dynamic size must be at least the static size

Browse Source 
fixes #37160
This commit is contained in:
bfredl
2026-01-01 10:55:14 +01:00
parent ad1c07ebb9
commit 1427b94200
2 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/nvim/eval/typval.c
View File

@@ -2029,7 +2029,9 @@ dictitem_T *tv_dict_item_alloc_len(const char *const key, const size_t key_len)
FUNC_ATTR_NONNULL_RET FUNC_ATTR_NONNULL_ALL FUNC_ATTR_WARN_UNUSED_RESULT
FUNC_ATTR_MALLOC
{
dictitem_T *const di = xmalloc(offsetof(dictitem_T, di_key) + key_len + 1);
// Allocating a struct smaller than its static size is UB (#37160)
dictitem_T *const di = xmalloc(MAX(sizeof(dictitem_T),
offsetof(dictitem_T, di_key) + key_len + 1));
memcpy(di->di_key, key, key_len);
di->di_key[key_len] = NUL;
di->di_flags = DI_FLAGS_ALLOC;

4
test/unit/eval/testutil.lua
View File

@@ -413,7 +413,7 @@ local function alloc_len(len, get_ptr)
if type(len) == 'string' or type(len) == 'table' then
return #len
elseif len == nil then
return eval.strlen(get_ptr())
return tonumber(eval.strlen(get_ptr()))
else
return len
end
@@ -435,7 +435,7 @@ local alloc_logging_t = {
end)
return {
func = 'malloc',
args = { ffi.offsetof('dictitem_T', 'di_key') + size + 1 },
args = { math.max(ffi.sizeof('dictitem_T'), ffi.offsetof('dictitem_T', 'di_key') + size + 1) },
ret = void(di),
}
end,