diff options
| author | Bram Moolenaar <Bram@vim.org> | 2013-02-13 14:36:44 +0100 |
|---|---|---|
| committer | Bram Moolenaar <Bram@vim.org> | 2013-02-13 14:36:44 +0100 |
| commit | 181ace28ed41ba15078285194a9b9d6e52b46844 (patch) | |
| tree | f409492fa74ff962884cca940307444d14d22127 | |
| parent | 76d711c3b5397b749a67d229150d3c1ff3f33add (diff) | |
| download | vim-git-181ace28ed41ba15078285194a9b9d6e52b46844.tar.gz | |
updated for version 7.3.809v7.3.809
Problem: The dosinst.c program has a buffer overflow. (Thomas Gwae)
Solution: Ignore $VIMRUNTIME if it is too long.
| -rw-r--r-- | src/dosinst.c | 2 | ||||
| -rw-r--r-- | src/version.c | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/src/dosinst.c b/src/dosinst.c index 0ff8e69b6..6bc15fc7d 100644 --- a/src/dosinst.c +++ b/src/dosinst.c @@ -375,7 +375,7 @@ get_vim_env(void) /* First get $VIMRUNTIME. If it's set, remove the tail. */ vim = getenv("VIMRUNTIME"); - if (vim != NULL && *vim != 0) + if (vim != NULL && *vim != 0 && strlen(vim) < BUFSIZE) { strcpy(buf, vim); remove_tail(buf); diff --git a/src/version.c b/src/version.c index c716154e2..b2ea5c0f5 100644 --- a/src/version.c +++ b/src/version.c @@ -726,6 +726,8 @@ static char *(features[]) = static int included_patches[] = { /* Add new patch number below this line */ /**/ + 809, +/**/ 808, /**/ 807, |