patch 8.0.0376: size computations in spell file reading are off Problem: Size computations in spell file reading are not exactly right. Solution: Make "len" a "long" and check with LONG_MAX.

commit: 6d3c8586fc81b022e9f06c611b9926108fb878c7 [log] [tgz]
author: Bram Moolenaar <Bram@vim.org> Sun Feb 26 15:27:23 2017 +0100
committer: Bram Moolenaar <Bram@vim.org> Sun Feb 26 15:27:23 2017 +0100
tree: f8ec58f6b4262885089d4e036eccc181bf854986
parent: 5074a0e0333eaa6a9f697eb765124ca0e244c89b [diff] [blame]
diff --git a/src/spellfile.c b/src/spellfile.c
index 8b1a3a6..00ef019 100644
--- a/src/spellfile.c
+++ b/src/spellfile.c

@@ -1585,7 +1585,7 @@
     int		prefixtree,	/* TRUE for the prefix tree */
     int		prefixcnt)	/* when "prefixtree" is TRUE: prefix count */
 {
-    int		len;
+    long	len;
     int		idx;
     char_u	*bp;
     idx_T	*ip;
@@ -1595,7 +1595,7 @@
     len = get4c(fd);
     if (len < 0)
 	return SP_TRUNCERROR;
-    if (len >= 0x3ffffff)
+    if (len >= LONG_MAX / (long)sizeof(int))
 	/* Invalid length, multiply with sizeof(int) would overflow. */
 	return SP_FORMERROR;
     if (len > 0)
commit	6d3c8586fc81b022e9f06c611b9926108fb878c7	[log] [tgz]
author	Bram Moolenaar <Bram@vim.org>	Sun Feb 26 15:27:23 2017 +0100
committer	Bram Moolenaar <Bram@vim.org>	Sun Feb 26 15:27:23 2017 +0100
tree	f8ec58f6b4262885089d4e036eccc181bf854986
parent	5074a0e0333eaa6a9f697eb765124ca0e244c89b [diff] [blame]