Problem: buffer-overflow in trunc_string()
Solution: Add NULL at end of buffer
Currently trunc_string() assumes that when the string is too long,
buf[e-1] will always be writeable. But that assumption may not always be
true. The condition currently looks like this
else if (e + 3 < buflen)
[...]
else
{
// can't fit in the "...", just truncate it
buf[e - 1] = NUL;
}
but this means, we may run into the last else clause with e still being
larger than buflen. So a buffer overflow occurs.
So instead of using `buf[e - 1]`, let's just always
truncate at `buf[buflen - 1]` which should always be writable.
3bd7fa12e1
vim-patch:9.0.2004: Missing test file
Problem: Missing test file
Solution: git-add the file to the repo
closes: vim/vim#13305d4afbdd071
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: Trailing white space in tests
Solution: Delete it
This causes test_codestyle to fail, so we need to remove it again.
Hopefully that makes the CI green again.
Note: I will start using annotated tags from now on.
da200c2f78
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: heap-buffer-overflow in vim_regsub_both
Solution: Disallow exchanging windows when textlock is active
f6d28fe2c9
Cherry-pick test_crash.vim change from patch 9.0.1876.
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: crash with bt_quickfix1_poc when cleaning up
and EXITFREE is defined
Solution: Test if buffer is valid in a window, else close
window directly, don't try to access buffer properties
While at it, increase the crash timeout slightly, so that CI has a
chance to finish processing the test_crash() test.
623ba31821
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: heap-use-after-free in bt_normal()
Solution: check that buffer is still valid
6e60cf444a
Test change only.
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: heap use after free in ins_compl_get_exp()
Solution: validate buffer before accessing it
ee9166eb3b
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: heap-use-after-free in is_qf_win()
Solution: Check buffer is valid before accessing it
fc68299d43
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: test_crash1() fails on CI
Solution: don't run Screendump test, verify that it doesn't crash
by running it through a shell command line, testing
the exit value and concatenating success cmd using '&&'
db510ca805
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: [security]: FPE in adjust_plines_for_skipcol
Solution: don't divide by zero, return zero
Prevent a floating point exception when calculating w_skipcol (which can
happen with a small window when the number option is set and cpo+=n).
Add a test to verify
cb0b99f067
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: [security]: overflow in get_number
Solution: Return 0 when the count gets too large
[security]: overflow in get_number
When using the z= command, we may overflow the count with values larger
than MAX_INT. So verify that we do not overflow and in case when an
overflow is detected, simply return 0
73b2d3790c
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: [security]: overflow in ex address parsing
Solution: Verify that lnum is positive, before substracting from
LONG_MAX
[security]: overflow in ex address parsing
When parsing relative ex addresses one may unintentionally cause an
overflow (because LONG_MAX - lnum will overflow for negative addresses).
So verify that lnum is actually positive before doing the overflow
check.
060623e4a3
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: [security]: overflow in nv_z_get_count
Solution: break out, if count is too large
When getting the count for a normal z command, it may overflow for large
counts given. So verify, that we can safely store the result in a long.
58f9befca1
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: [security]: overflow with count for :s command
Solution: Abort the :s command if the count is too large
If the count after the :s command is larger than what fits into a
(signed) long variable, abort with e_value_too_large.
Adds a test with INT_MAX as count and verify it correctly fails.
It seems the return value on Windows using mingw compiler wraps around,
so the initial test using :s/./b/9999999999999999999999999990 doesn't
fail there, since the count is wrapping around several times and finally
is no longer larger than 2147483647. So let's just use 2147483647 in the
test, which hopefully will always cause a failure
ac63787734
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: Test for expanding "~" in substitute takes too long.
Solution: Disable the test for now.
916d6dd5b1
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: Crash when expanding "~" in substitute causes very long text.
Solution: Limit the text length to MAXCOL.
ab9a2d884b
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: wast filetype should be replaced by wat filetype
Solution: start using the official wat filetype name
runtime: rename `wast` filetype to `wat` (Wasm text format)
The problem is the name of the current filetype wast. When the plugin
was initially created, the file extension for Wasm text format was not
fixed and .wast was more popular.
However, recently .wat became the official file extension for
WebAssembly text (WAT) format and .wast is now a file extension for the
unofficial WAST format, which is a superset of .wat for the convenience
to describe the Wasm specification conformance tests.
https://webassembly.js.org/docs/contrib-wat-vs-wast.html
However for now, let's keep using the `wat` filetype even for the .wast
extension, so that we at least do not lose the filetype settings and
syntax highlighting. This can be adjusted later, if it turns out to have
a separate need for.
closes: vim/vim#13533bc8f79d36a
Co-authored-by: rhysd <lin90162@yahoo.co.jp>
Problem: Text properties test fails when 'encoding' is not utf-8.
Solution: Compare with original value of 'encoding'. (Christian Brabandt,
closesvim/vim#3986)
ed79d1e348
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: Running tests may leave some files behind.
Solution: Delete the right files. Fix a few typos. (Dominique Pellé,
closesvim/vim#7436ac665c24c9
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: Cannot set a directory for a tab page.
Solution: Add the tab-local directory. (Yegappan Lakshmanan, closesvim/vim#4212)
00aa069db8
Session-related changes only.
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: Vim doesn't use the new ConPTY support in Windows 10.
Solution: Use ConPTY support, if available. (Nobuhiro Takasaki, closesvim/vim#3794)
aa5df7e312
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: Terminal windows in a session are not properly restored.
Solution: Add "terminal" in 'sessionoptions'. When possible restore the
command running in a terminal.
4d8bac8bf5
Tests only. Nvim has no equivalent to "norestore" yet.
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: matchparen highlight not cleared in completion mode
Solution: Clear matchparen highlighting in completion mode
Remove hard-coded hack in insexpand.c to clear the :3match before
displaying the completion menu.
Add a test for matchparen highlighting. While at it, move all test tests
related to the matchparen plugin into a separate test file.
closes: vim/vim#13493closes: vim/vim#135249588666360
Co-authored-by: Christian Brabandt <cb@256bit.org>
Problem: Tests are flaky because of using a common file name.
Solution: Rename files and directories to be more unique.
61abe7d8f8
Cherry-pick Test_custom_complete_autoload() from patch 8.2.4584.
Cherry-pick test_delete.vim & test_edit.vim changes from patch 9.0.0323.
Cherry-pick test_edit.vim changes from patch 8.2.3637.
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: Debugger test may fail when $CWD is very long.
Solution: Skip the test if the directory name is too long. (James McCoy,
closesvim/vim#10837)
db7a88db8b
Co-authored-by: James McCoy <jamessan@jamessan.com>
Problem: Various things no6 properly tested.
Solution: Add various test cases. (Yegappan Lakshmanan, closesvim/vim#10259)
885de449c0
Co-authored-by: Yegappan Lakshmanan <yegappan@yahoo.com>
Problem: Crash in debugger when a variable is not available in the current
block.
Solution: Check for a NULL name. (closesvim/vim#9926)
e406ff87c8
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: Vim9: expression breakpoint not checked in :def function.
Solution: Always compile a function for debugging if there is an expression
breakpoint. (closesvim/vim#8803)
26a4484da2
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: Vim9: crash when debugging a function with line continuation.
Solution: Check for a NULL pointer. (closesvim/vim#8521)
303215d60c
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: Temp files remain after running tests.
Solution: Delete the right files. (Dominique Pellé, closesvim/vim#8509)
6c72fd51a8
Co-authored-by: Dominique Pelle <dominique.pelle@gmail.com>
Problem: Vim9: breakpoint on "for" does not work.
Solution: Use the right line number in ISN_DEBUG. (closesvim/vim#8486)
6fc0161682
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: Vim9: debugging lambda does not work.
Solution: Use the compile type of the function when compiling a lambda.
(closesvim/vim#8412)
17d868b8b2
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: Vim9: breakpoint at a comment line does not work.
Solution: Add the comment line number to the debug instruction.
(closesvim/vim#8429)
8cec9273d2
Co-authored-by: Bram Moolenaar <Bram@vim.org>
Problem: Vim9: breakpoint in compiled function not always checked.
Solution: Check for breakpoint when calling compiled function from compiled
function.
2ac4b2536a
Co-authored-by: Bram Moolenaar <Bram@vim.org>
