patch 8.2.3915: illegal memory access when completing with invalid bytesv8.2.3915

Problem: illegal memory access when completing with invalid bytes. Solution: Avoid going over the end of the completion text.
author: Bram Moolenaar <Bram@vim.org> 2021-12-27 19:28:37 +0000
committer: Bram Moolenaar <Bram@vim.org> 2021-12-27 19:28:37 +0000
commit: 4b28ba3245df8274303c79429972f9dc9438e4aa (patch)
tree: 13be14eddf43b5129c33f2e0f00182da700f574f /src/insexpand.c
parent: af4a61a85d6e8cacc35324f266934bc463a21673 (diff)
download: vim-git-4b28ba3245df8274303c79429972f9dc9438e4aa.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/src/insexpand.c b/src/insexpand.c
index b0319a26e..9fb7fb726 100644
--- a/src/insexpand.c
+++ b/src/insexpand.c
@@ -3437,7 +3437,12 @@ ins_compl_delete(void)
     void
 ins_compl_insert(int in_compl_func)
 {
-    ins_bytes(compl_shown_match->cp_str + ins_compl_len());
+    int compl_len = ins_compl_len();
+
+    // Make sure we don't go over the end of the string, this can happen with
+    // illegal bytes.
+    if (compl_len < (int)STRLEN(compl_shown_match->cp_str))
+	ins_bytes(compl_shown_match->cp_str + compl_len);
     if (compl_shown_match->cp_flags & CP_ORIGINAL_TEXT)
 	compl_used_match = FALSE;
     else
author	Bram Moolenaar <Bram@vim.org>	2021-12-27 19:28:37 +0000
committer	Bram Moolenaar <Bram@vim.org>	2021-12-27 19:28:37 +0000
commit	4b28ba3245df8274303c79429972f9dc9438e4aa (patch)
tree	13be14eddf43b5129c33f2e0f00182da700f574f /src/insexpand.c
parent	af4a61a85d6e8cacc35324f266934bc463a21673 (diff)
download	vim-git-4b28ba3245df8274303c79429972f9dc9438e4aa.tar.gz