mirrors/neovim
1
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2025-09-29 22:48:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

treesitter: check for integer overflow (#12135)

Browse Source 
Sometimes treesitter calls for an invalid column within a line, checking
that the column is actually valid and forcing the value avoids an
integer overflow and an infinite sequence of invalid reads.

Fixes #12131
This commit is contained in:
Thomas Vigouroux
2020-04-22 18:54:56 +02:00
committed by GitHub
parent fdedaa7226
commit 6c9a5743a0
1 changed files with 15 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/nvim/lua/treesitter.c
View File

@@ -271,6 +271,10 @@ static const char *input_cb(void *payload, uint32_t byte_index,
} }
char_u *line = ml_get_buf(bp, position.row+1, false); char_u *line = ml_get_buf(bp, position.row+1, false);
size_t len = STRLEN(line); size_t len = STRLEN(line);
if (position.column > len) {
*bytes_read = 0;
} else {
size_t tocopy = MIN(len-position.column, BUFSIZE); size_t tocopy = MIN(len-position.column, BUFSIZE);
memcpy(buf, line+position.column, tocopy); memcpy(buf, line+position.column, tocopy);
@@ -283,6 +287,7 @@ static const char *input_cb(void *payload, uint32_t byte_index,
buf[tocopy] = '\n'; buf[tocopy] = '\n';
(*bytes_read)++; (*bytes_read)++;
} }
}
return buf; return buf;
#undef BUFSIZE #undef BUFSIZE
} }