From e084a99040dbfae5bc71bc2f5ea9b9933ce7b61c Mon Sep 17 00:00:00 2001
From: zeertzjq <zeertzjq@outlook.com>
Date: Wed, 10 Sep 2025 17:39:18 +0800
Subject: [PATCH] vim-patch:9.1.1751: potential buffer-overflow in
 find_pattern_in_path() (#35705)

Problem:  potential buffer-overflow in find_pattern_in_path()
Problem:  Verify ptr p has enough room before adding ins_compl_len()

fixes: vim/vim#18195
closes: vim/vim#18249

https://github.com/vim/vim/commit/21ecb0d2e2888ded9da04c4f47758cec99063822

Co-authored-by: Christian Brabandt <cb@256bit.org>
---
 src/nvim/search.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/nvim/search.c b/src/nvim/search.c
index ab4e887e4f..d2cbbec4c9 100644
--- a/src/nvim/search.c
+++ b/src/nvim/search.c
@@ -3253,7 +3253,7 @@ search_line:
         }
         found = true;
         char *aux = p = startp;
-        if (compl_status_adding()) {
+        if (compl_status_adding() && (int)strlen(p) >= ins_compl_len()) {
           p += ins_compl_len();
           if (vim_iswordp(p)) {
             goto exit_matched;