patch 8.0.1486: accessing invalid memory with "it"
Problem: Accessing invalid memory with "it". (Dominique Pelle)
Solution: Avoid going over the end of the line. (Christian Brabandt,
closes #2532)
diff --git a/src/search.c b/src/search.c
index efcf3d9..8089dcf 100644
--- a/src/search.c
+++ b/src/search.c
@@ -684,11 +684,11 @@
&& pos->lnum >= 1 && pos->lnum <= buf->b_ml.ml_line_count
&& pos->col < MAXCOL - 2)
{
- ptr = ml_get_buf(buf, pos->lnum, FALSE) + pos->col;
- if (*ptr == NUL)
+ ptr = ml_get_buf(buf, pos->lnum, FALSE);
+ if ((int)STRLEN(ptr) < pos->col)
start_char_len = 1;
else
- start_char_len = (*mb_ptr2len)(ptr);
+ start_char_len = (*mb_ptr2len)(ptr + pos->col);
}
#endif
else
diff --git a/src/testdir/test_textobjects.vim b/src/testdir/test_textobjects.vim
index 684f197..17602fb 100644
--- a/src/testdir/test_textobjects.vim
+++ b/src/testdir/test_textobjects.vim
@@ -152,3 +152,16 @@
call assert_equal(3 , match('abc', '\zs', 3, 1))
call assert_equal(-1, match('abc', '\zs', 4, 1))
endfunc
+
+" This was causing an illegal memory access
+func Test_inner_tag()
+ new
+ norm ixxx
+ call feedkeys("v", 'xt')
+ insert
+x
+x
+.
+ norm it
+ q!
+endfunc
diff --git a/src/version.c b/src/version.c
index 963f611..d3927cb 100644
--- a/src/version.c
+++ b/src/version.c
@@ -772,6 +772,8 @@
static int included_patches[] =
{ /* Add new patch number below this line */
/**/
+ 1486,
+/**/
1485,
/**/
1484,