patch 8.0.0636: when reading the undo file fails may use uninitialized datav8.0.0636

Problem:    When reading the undo file fails may use uninitialized data.
Solution:   Always clear the buffer on failure.

2 files changed, 14 insertions, 7 deletions

diff --git a/src/undo.c b/src/undo.c
index 82c66b6ef..aeca25f00 100644
--- a/src/undo.c
+++ b/src/undo.c
@@ -1063,6 +1063,8 @@ undo_read_time(bufinfo_T *bi)
     static int
 undo_read(bufinfo_T *bi, char_u *buffer, size_t size)
 {
+    int retval = OK;
+
 #ifdef FEAT_CRYPT
     if (bi->bi_buffer != NULL)
     {
@@ -1078,10 +1080,8 @@ undo_read(bufinfo_T *bi, char_u *buffer, size_t size)
 		n = fread(bi->bi_buffer, 1, (size_t)CRYPT_BUF_SIZE, bi->bi_fp);
 		if (n == 0)
 		{
-		    /* Error may be checked for only later.  Fill with zeros,
-		     * so that the reader won't use garbage. */
-		    vim_memset(p, 0, size_todo);
-		    return FAIL;
+		    retval = FAIL;
+		    break;
 		}
 		bi->bi_avail = n;
 		bi->bi_used = 0;
@@ -1095,12 +1095,17 @@ undo_read(bufinfo_T *bi, char_u *buffer, size_t size)
 	    size_todo -= (int)n;
 	    p += n;
 	}
-	return OK;
     }
+    else
 #endif
     if (fread(buffer, (size_t)size, 1, bi->bi_fp) != 1)
-	return FAIL;
-    return OK;
+	retval = FAIL;
+
+    if (retval == FAIL)
+	/* Error may be checked for only later.  Fill with zeros,
+	 * so that the reader won't use garbage. */
+	vim_memset(buffer, 0, size);
+    return retval;
 }
 
 /*
diff --git a/src/version.c b/src/version.c
index cac2c876d..6d33f125d 100644
--- a/src/version.c
+++ b/src/version.c
@@ -765,6 +765,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    636,
+/**/
     635,
 /**/
     634,