From ed7cb2df35244e40e5c4df06169b50e705427576 Mon Sep 17 00:00:00 2001
From: Bram Moolenaar <Bram@vim.org>
Date: Wed, 11 Aug 2021 17:13:54 +0200
Subject: patch 8.2.3331: Coverity warns for using value without boundary check

Problem:    Coverity warns for using value without boundary check.
Solution:   Add a boundary check.
---
 src/version.c | 2 ++
 src/viminfo.c | 7 ++++---
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/version.c b/src/version.c
index 2b8b50810..213086728 100644
--- a/src/version.c
+++ b/src/version.c
@@ -755,6 +755,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    3331,
 /**/
     3330,
 /**/
diff --git a/src/viminfo.c b/src/viminfo.c
index 1d3bac15e..530346f40 100644
--- a/src/viminfo.c
+++ b/src/viminfo.c
@@ -253,17 +253,18 @@ viminfo_readstring(
     int		off,		    // offset for virp->vir_line
     int		convert UNUSED)	    // convert the string
 {
-    char_u	*retval;
+    char_u	*retval = NULL;
     char_u	*s, *d;
     long	len;
 
     if (virp->vir_line[off] == Ctrl_V && vim_isdigit(virp->vir_line[off + 1]))
     {
 	len = atol((char *)virp->vir_line + off + 1);
-	retval = lalloc(len, TRUE);
+	if (len > 0 && len < 1000000)
+	    retval = lalloc(len, TRUE);
 	if (retval == NULL)
 	{
-	    // Line too long?  File messed up?  Skip next line.
+	    // Invalid length, line too long, out of memory?  Skip next line.
 	    (void)vim_fgets(virp->vir_line, 10, virp->vir_fd);
 	    return NULL;
 	}
-- 
cgit v1.2.1