Bug#563071: [patch] Vim crashes after setpos('.', [0, 1, 0, 0])
James Vega
jamessan at debian.org
Wed Dec 30 17:43:57 UTC 2009
Bram,
Calling setpos() with a number <= 0 for the col argument results in a
negative value for curwin->w_cursor.col, which can cause various
commands that rely on the col value to crash Vim.
A simple example is:
$ echo foo > foo
$ vim -u NONE -c 'call setpos(".", [0, 1, 0, 0])' -c 'normal x' foo
This is due to f_setpos blindly decrementing the col value it gets back
from list2fpos. Since there may be other places which can cause col to
be negative, the attached patch updates check_cursor_col to ensure that
curwin->w_cursor.col is always >= 0, similar to check_cursor_lnum's
behavior.
--
James
GPG Key: 1024D/61326D40 2003-09-02 James Vega <jamessan at debian.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: setpos.diff
Type: text/x-diff
Size: 332 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-vim-maintainers/attachments/20091230/ba8df8be/attachment.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-vim-maintainers/attachments/20091230/ba8df8be/attachment.pgp>
More information about the pkg-vim-maintainers
mailing list