patch 8.0.0213: Netbeans specialKeys command does not check argument length
Problem: The Netbeans "specialKeys" command does not check if the argument
fits in the buffer. (Coverity)
Solution: Add a length check.
diff --git a/src/netbeans.c b/src/netbeans.c
index cc55604..fb4cb76 100644
--- a/src/netbeans.c
+++ b/src/netbeans.c
@@ -2332,7 +2332,8 @@
char *save_str = nb_unquote(args, NULL);
char *tok = strtok(save_str, " ");
char *sep;
- char keybuf[64];
+#define KEYBUFLEN 64
+ char keybuf[KEYBUFLEN];
char cmdbuf[256];
while (tok != NULL)
@@ -2359,10 +2360,13 @@
tok++;
}
- strcpy(&keybuf[i], tok);
- vim_snprintf(cmdbuf, sizeof(cmdbuf),
- "<silent><%s> :nbkey %s<CR>", keybuf, keybuf);
- do_map(0, (char_u *)cmdbuf, NORMAL, FALSE);
+ if (strlen(tok) + i < KEYBUFLEN)
+ {
+ strcpy(&keybuf[i], tok);
+ vim_snprintf(cmdbuf, sizeof(cmdbuf),
+ "<silent><%s> :nbkey %s<CR>", keybuf, keybuf);
+ do_map(0, (char_u *)cmdbuf, NORMAL, FALSE);
+ }
tok = strtok(NULL, " ");
}
vim_free(save_str);
diff --git a/src/version.c b/src/version.c
index 741b8da..592c77c 100644
--- a/src/version.c
+++ b/src/version.c
@@ -765,6 +765,8 @@
static int included_patches[] =
{ /* Add new patch number below this line */
/**/
+ 213,
+/**/
212,
/**/
211,