To: vim_dev@googlegroups.com
Subject: Patch 8.2.5007
Fcc: outbox
From: Bram Moolenaar <Bram@moolenaar.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
------------

Patch 8.2.5007
Problem:    Spell suggestion may use uninitialized memory. (Zdenek Dohnal)
Solution:   Avoid going over the end of the word.
Files:      src/spellsuggest.c, src/testdir/test_spell_utf8.vim


*** ../vim-8.2.5006/src/spellsuggest.c	2022-05-13 12:41:39.469488941 +0100
--- src/spellsuggest.c	2022-05-23 11:48:06.957642758 +0100
***************
*** 1953,1959 ****
  #endif
  		    ++depth;
  		    sp = &stack[depth];
! 		    ++sp->ts_fidx;
  		    tword[sp->ts_twordlen++] = c;
  		    sp->ts_arridx = idxs[arridx];
  		    if (newscore == SCORE_SUBST)
--- 1953,1960 ----
  #endif
  		    ++depth;
  		    sp = &stack[depth];
! 		    if (fword[sp->ts_fidx] != NUL)
! 			++sp->ts_fidx;
  		    tword[sp->ts_twordlen++] = c;
  		    sp->ts_arridx = idxs[arridx];
  		    if (newscore == SCORE_SUBST)
*** ../vim-8.2.5006/src/testdir/test_spell_utf8.vim	2022-05-08 22:32:55.207569849 +0100
--- src/testdir/test_spell_utf8.vim	2022-05-23 11:56:38.769535596 +0100
***************
*** 629,635 ****
          \ ["bar", "barbork", "end", "fooa1", "fooa\u00E9", "nouend", "prebar", "prebarbork", "start"],
          \ [
          \   ["bad", ["bar", "end", "fooa1"]],
!         \   ["foo", ["fooa1", "fooa\u00E9", "bar"]],
          \   ["fooa2", ["fooa1", "fooa\u00E9", "bar"]],
          \   ["prabar", ["prebar", "bar", "bar bar"]],
          \   ["probarbirk", ["prebarbork"]],
--- 629,635 ----
          \ ["bar", "barbork", "end", "fooa1", "fooa\u00E9", "nouend", "prebar", "prebarbork", "start"],
          \ [
          \   ["bad", ["bar", "end", "fooa1"]],
!         \   ["foo", ["fooa1", "bar", "end"]],
          \   ["fooa2", ["fooa1", "fooa\u00E9", "bar"]],
          \   ["prabar", ["prebar", "bar", "bar bar"]],
          \   ["probarbirk", ["prebarbork"]],
***************
*** 647,653 ****
          \ ["bar", "barbork", "end", "lead", "meea1", "meea\u00E9", "prebar", "prebarbork"],
          \ [
          \   ["bad", ["bar", "end", "lead"]],
!         \   ["mee", ["meea1", "meea\u00E9", "bar"]],
          \   ["meea2", ["meea1", "meea\u00E9", "lead"]],
          \   ["prabar", ["prebar", "bar", "leadbar"]],
          \   ["probarbirk", ["prebarbork"]],
--- 647,653 ----
          \ ["bar", "barbork", "end", "lead", "meea1", "meea\u00E9", "prebar", "prebarbork"],
          \ [
          \   ["bad", ["bar", "end", "lead"]],
!         \   ["mee", ["meea1", "bar", "end"]],
          \   ["meea2", ["meea1", "meea\u00E9", "lead"]],
          \   ["prabar", ["prebar", "bar", "leadbar"]],
          \   ["probarbirk", ["prebarbork"]],
***************
*** 664,670 ****
          \ ["bar", "barmeat", "lead", "meea1", "meea\u00E9", "meezero", "prebar", "prebarmeat", "tail"],
          \ [
          \   ["bad", ["bar", "lead", "tail"]],
!         \   ["mee", ["meea1", "meea\u00E9", "bar"]],
          \   ["meea2", ["meea1", "meea\u00E9", "lead"]],
          \   ["prabar", ["prebar", "bar", "leadbar"]],
          \   ["probarmaat", ["prebarmeat"]],
--- 664,670 ----
          \ ["bar", "barmeat", "lead", "meea1", "meea\u00E9", "meezero", "prebar", "prebarmeat", "tail"],
          \ [
          \   ["bad", ["bar", "lead", "tail"]],
!         \   ["mee", ["meea1", "bar", "lead"]],
          \   ["meea2", ["meea1", "meea\u00E9", "lead"]],
          \   ["prabar", ["prebar", "bar", "leadbar"]],
          \   ["probarmaat", ["prebarmeat"]],
***************
*** 758,768 ****
--- 758,772 ----
    set spl=Xtest_ca.utf-8.spl
    call assert_equal("elequint", FirstSpellWord())
    call assert_equal("elekwint", SecondSpellWord())
+ 
+   set spellfile=
+   set spl&
  endfunc
  
  func Test_spellfile_value()
    set spellfile=Xdir/Xtest.utf-8.add
    set spellfile=Xdir/Xtest.utf-8.add,Xtest_other.add
+   set spellfile=
  endfunc
  
  func Test_no_crash_with_weird_text()
***************
*** 785,789 ****
--- 789,806 ----
    call assert_fails("spellgood! 0\xac", 'E1280:')
  endfunc
  
+ " This was going over the end of the word
+ func Test_word_index()
+   new
+   norm R0
+   spellgood! fl0
+   sil norm z=
+ 
+   bwipe!
+   " clear the word list
+   set enc=utf-8
+   call delete('Xtmpfile')
+ endfunc
+ 
  
  " vim: shiftwidth=2 sts=2 expandtab
*** ../vim-8.2.5006/src/version.c	2022-05-22 22:07:48.063725752 +0100
--- src/version.c	2022-05-23 12:00:32.121521180 +0100
***************
*** 736,737 ****
--- 736,739 ----
  {   /* Add new patch number below this line */
+ /**/
+     5007,
  /**/

-- 
Edison's greatest achievement came in 1879, when he invented the
electric company.  Edison's design was a brilliant adaptation of the
simple electrical circuit: the electric company sends electricity
through a wire to a customer, then immediately gets the electricity
back through another wire

 /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net   \\\
///                                                                      \\\
\\\        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ ///
 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///