Mercurial Mercurial > upstream > oracle > userland-gate / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/vim/vim72-patches/7.2.406
changeset 198 172fc01ce997 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/vim/vim72-patches/7.2.406	Thu Apr 07 16:25:07 2011 -0700
@@ -0,0 +1,123 @@
+To: [email protected]
+Subject: Patch 7.2.406
+Fcc: outbox
+From: Bram Moolenaar <[email protected]>
+Mime-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+------------
+
+Patch 7.2.406
+Problem:    Patch 7.2.119 introduces uninit mem read. (Dominique Pelle)
+Solution:   Only used ScreeenLinesC when ScreeenLinesUC is not zero. (Yukihiro
+	    Nakadaira)  Also clear ScreeenLinesC when allocating.
+Files:	    src/screen.c
+
+
+*** ../vim-7.2.405/src/screen.c	2010-03-23 13:56:53.000000000 +0100
+--- src/screen.c	2010-03-23 15:26:44.000000000 +0100
+***************
+*** 25,34 ****
+   * one character which occupies two display cells.
+   * For UTF-8 a multi-byte character is converted to Unicode and stored in
+   * ScreenLinesUC[].  ScreenLines[] contains the first byte only.  For an ASCII
+!  * character without composing chars ScreenLinesUC[] will be 0.  When the
+!  * character occupies two display cells the next byte in ScreenLines[] is 0.
+   * ScreenLinesC[][] contain up to 'maxcombine' composing characters
+!  * (drawn on top of the first character).  They are 0 when not used.
+   * ScreenLines2[] is only used for euc-jp to store the second byte if the
+   * first byte is 0x8e (single-width character).
+   *
+--- 25,35 ----
+   * one character which occupies two display cells.
+   * For UTF-8 a multi-byte character is converted to Unicode and stored in
+   * ScreenLinesUC[].  ScreenLines[] contains the first byte only.  For an ASCII
+!  * character without composing chars ScreenLinesUC[] will be 0 and
+!  * ScreenLinesC[][] is not used.  When the character occupies two display
+!  * cells the next byte in ScreenLines[] is 0.
+   * ScreenLinesC[][] contain up to 'maxcombine' composing characters
+!  * (drawn on top of the first character).  There is 0 after the last one used.
+   * ScreenLines2[] is only used for euc-jp to store the second byte if the
+   * first byte is 0x8e (single-width character).
+   *
+***************
+*** 4893,4898 ****
+--- 4894,4900 ----
+  
+  /*
+   * Return if the composing characters at "off_from" and "off_to" differ.
++  * Only to be used when ScreenLinesUC[off_from] != 0.
+   */
+      static int
+  comp_char_differs(off_from, off_to)
+***************
+*** 6281,6286 ****
+--- 6283,6289 ----
+  /*
+   * Return TRUE if composing characters for screen posn "off" differs from
+   * composing characters in "u8cc".
++  * Only to be used when ScreenLinesUC[off] != 0.
+   */
+      static int
+  screen_comp_differs(off, u8cc)
+***************
+*** 6461,6468 ****
+  		    && c == 0x8e
+  		    && ScreenLines2[off] != ptr[1])
+  		|| (enc_utf8
+! 		    && (ScreenLinesUC[off] != (u8char_T)(c >= 0x80 ? u8c : 0)
+! 			|| screen_comp_differs(off, u8cc)))
+  #endif
+  		|| ScreenAttrs[off] != attr
+  		|| exmode_active;
+--- 6464,6473 ----
+  		    && c == 0x8e
+  		    && ScreenLines2[off] != ptr[1])
+  		|| (enc_utf8
+! 		    && (ScreenLinesUC[off] !=
+! 				(u8char_T)(c < 0x80 && u8cc[0] == 0 ? 0 : u8c)
+! 			|| (ScreenLinesUC[off] != 0
+! 					  && screen_comp_differs(off, u8cc))))
+  #endif
+  		|| ScreenAttrs[off] != attr
+  		|| exmode_active;
+***************
+*** 7542,7548 ****
+  	new_ScreenLinesUC = (u8char_T *)lalloc((long_u)(
+  			     (Rows + 1) * Columns * sizeof(u8char_T)), FALSE);
+  	for (i = 0; i < p_mco; ++i)
+! 	    new_ScreenLinesC[i] = (u8char_T *)lalloc((long_u)(
+  			     (Rows + 1) * Columns * sizeof(u8char_T)), FALSE);
+      }
+      if (enc_dbcs == DBCS_JPNU)
+--- 7547,7553 ----
+  	new_ScreenLinesUC = (u8char_T *)lalloc((long_u)(
+  			     (Rows + 1) * Columns * sizeof(u8char_T)), FALSE);
+  	for (i = 0; i < p_mco; ++i)
+! 	    new_ScreenLinesC[i] = (u8char_T *)lalloc_clear((long_u)(
+  			     (Rows + 1) * Columns * sizeof(u8char_T)), FALSE);
+      }
+      if (enc_dbcs == DBCS_JPNU)
+*** ../vim-7.2.405/src/version.c	2010-03-23 14:39:07.000000000 +0100
+--- src/version.c	2010-03-23 15:34:11.000000000 +0100
+***************
+*** 683,684 ****
+--- 683,686 ----
+  {   /* Add new patch number below this line */
++ /**/
++     406,
+  /**/
+
+-- 
+VOICE OVER: As the horrendous Black Beast lunged forward, escape for Arthur
+            and his knights seemed hopeless,  when, suddenly ... the animator
+            suffered a fatal heart attack.
+ANIMATOR:   Aaaaagh!
+VOICE OVER: The cartoon peril was no more ... The Quest for Holy Grail could
+            continue.
+                 "Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD
+
+ /// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net   \\\
+///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
+\\\        download, build and distribute -- http://www.A-A-P.org        ///
+ \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///
upstream/oracle/userland-gate