Problem: Obvious mistakes are accepted as valid expressions.
Solution: Be more strict about parsing numbers. (Yasuhiro Matsumoto,
closes #3981)
* If "what" contains STR2NR_HEX recognize hex numbers
* If "what" contains STR2NR_FORCE always assume bin/oct/hex.
* If maxlen > 0, check at a maximum maxlen chars.
+ * If strict is TRUE, check the number strictly. return *len = 0 if fail.
*/
void
vim_str2nr(
char_u *start,
- int *prep, /* return: type of number 0 = decimal, 'x'
- or 'X' is hex, '0' = octal, 'b' or 'B'
- is bin */
- int *len, /* return: detected length of number */
- int what, /* what numbers to recognize */
- varnumber_T *nptr, /* return: signed result */
- uvarnumber_T *unptr, /* return: unsigned result */
- int maxlen) /* max length of string to check */
+ int *prep, // return: type of number 0 = decimal, 'x'
+ // or 'X' is hex, '0' = octal, 'b' or 'B'
+ // is bin
+ int *len, // return: detected length of number
+ int what, // what numbers to recognize
+ varnumber_T *nptr, // return: signed result
+ uvarnumber_T *unptr, // return: unsigned result
+ int maxlen, // max length of string to check
+ int strict) // check strictly
{
char_u *ptr = start;
- int pre = 0; /* default is decimal */
+ int pre = 0; // default is decimal
int negative = FALSE;
uvarnumber_T un = 0;
int n;
+ if (len != NULL)
+ *len = 0;
+
if (ptr[0] == '-')
{
negative = TRUE;
}
}
- /*
- * Do the string-to-numeric conversion "manually" to avoid sscanf quirks.
- */
+ // Do the conversion manually to avoid sscanf() quirks.
n = 1;
if (pre == 'B' || pre == 'b' || what == STR2NR_BIN + STR2NR_FORCE)
{
break;
}
}
+ // Check for an alpha-numeric character immediately following, that is
+ // most likely a typo.
+ if (strict && n - 1 != maxlen && ASCII_ISALNUM(*ptr))
+ return;
if (prep != NULL)
*prep = pre;
else
{
// decimal, hex or octal number
- vim_str2nr(*arg, NULL, &len, STR2NR_ALL, &n, NULL, 0);
+ vim_str2nr(*arg, NULL, &len, STR2NR_ALL, &n, NULL, 0, TRUE);
+ if (len == 0)
+ {
+ semsg(_(e_invexpr2), *arg);
+ ret = FAIL;
+ break;
+ }
*arg += len;
if (evaluate)
{
case VAR_STRING:
if (varp->vval.v_string != NULL)
vim_str2nr(varp->vval.v_string, NULL, NULL,
- STR2NR_ALL, &n, NULL, 0);
+ STR2NR_ALL, &n, NULL, 0, FALSE);
return n;
case VAR_LIST:
emsg(_("E745: Using a List as a Number"));
case 16: what = STR2NR_HEX + STR2NR_FORCE; break;
default: what = 0;
}
- vim_str2nr(p, NULL, NULL, what, &n, NULL, 0);
+ vim_str2nr(p, NULL, NULL, what, &n, NULL, 0, FALSE);
+ // Text after the number is silently ignored.
if (isneg)
rettv->vval.v_number = -n;
else
{
nrs[lnum - eap->line1].st_u.num.is_number = TRUE;
vim_str2nr(s, NULL, NULL, sort_what,
- &nrs[lnum - eap->line1].st_u.num.value, NULL, 0);
+ &nrs[lnum - eap->line1].st_u.num.value,
+ NULL, 0, FALSE);
}
}
#ifdef FEAT_FLOAT
*str = skipwhite(*str);
if (**str == '-' || vim_isdigit(**str)) /* parse "from" part of range */
{
- vim_str2nr(*str, NULL, &len, 0, &num, NULL, 0);
+ vim_str2nr(*str, NULL, &len, 0, &num, NULL, 0, FALSE);
*str += len;
*num1 = (int)num;
first = TRUE;
if (**str == ',') /* parse "to" part of range */
{
*str = skipwhite(*str + 1);
- vim_str2nr(*str, NULL, &len, 0, &num, NULL, 0);
+ vim_str2nr(*str, NULL, &len, 0, &num, NULL, 0, FALSE);
if (len > 0)
{
*num2 = (int)num;
nr = 0;
len = 0;
vim_str2nr(p + 2, NULL, &len,
- STR2NR_HEX + STR2NR_FORCE, &nr, NULL, 4);
+ STR2NR_HEX + STR2NR_FORCE, &nr, NULL, 4, TRUE);
+ if (len == 0)
+ {
+ ga_clear(&ga);
+ return FAIL;
+ }
p += len + 2;
if (0xd800 <= nr && nr <= 0xdfff
&& (int)(reader->js_end - p) >= 6
/* decode surrogate pair: \ud812\u3456 */
len = 0;
vim_str2nr(p + 2, NULL, &len,
- STR2NR_HEX + STR2NR_FORCE, &nr2, NULL, 4);
+ STR2NR_HEX + STR2NR_FORCE, &nr2, NULL, 4, TRUE);
+ if (len == 0)
+ {
+ ga_clear(&ga);
+ return FAIL;
+ }
if (0xdc00 <= nr2 && nr2 <= 0xdfff)
{
p += len + 2;
vim_str2nr(reader->js_buf + reader->js_used,
NULL, &len, 0, /* what */
- &nr, NULL, 0);
+ &nr, NULL, 0, TRUE);
+ if (len == 0)
+ {
+ emsg(_(e_invarg));
+ retval = FAIL;
+ goto theend;
+ }
if (cur_item != NULL)
{
cur_item->v_type = VAR_NUMBER;
bp += 3; /* skip t_xx, xx may be '-' or '>' */
else if (STRNICMP(bp, "char-", 5) == 0)
{
- vim_str2nr(bp + 5, NULL, &l, STR2NR_ALL, NULL, NULL, 0);
+ vim_str2nr(bp + 5, NULL, &l, STR2NR_ALL, NULL, NULL, 0, TRUE);
+ if (l == 0)
+ {
+ emsg(_(e_invarg));
+ return 0;
+ }
bp += l + 5;
break;
}
&& VIM_ISDIGIT(last_dash[6]))
{
/* <Char-123> or <Char-033> or <Char-0x33> */
- vim_str2nr(last_dash + 6, NULL, NULL, STR2NR_ALL, NULL, &n, 0);
+ vim_str2nr(last_dash + 6, NULL, &l, STR2NR_ALL, NULL, &n, 0, TRUE);
+ if (l == 0)
+ {
+ emsg(_(e_invarg));
+ return 0;
+ }
key = (int)n;
}
else
0 + (dobin ? STR2NR_BIN : 0)
+ (dooct ? STR2NR_OCT : 0)
+ (dohex ? STR2NR_HEX : 0),
- NULL, &n, maxlen);
+ NULL, &n, maxlen, FALSE);
/* ignore leading '-' for hex and octal and bin numbers */
if (pre && negative)
/* Allow negative (for 'undolevels'), octal and
* hex numbers. */
vim_str2nr(arg, NULL, &i, STR2NR_ALL,
- &value, NULL, 0);
- if (arg[i] != NUL && !VIM_ISWHITE(arg[i]))
+ &value, NULL, 0, TRUE);
+ if (i == 0 || (arg[i] != NUL && !VIM_ISWHITE(arg[i])))
{
- errmsg = e_invarg;
+ errmsg = N_("E521: Number required after =");
goto skip;
}
}
char_u *skiptowhite_esc(char_u *p);
long getdigits(char_u **pp);
int vim_isblankline(char_u *lbuf);
-void vim_str2nr(char_u *start, int *prep, int *len, int what, varnumber_T *nptr, uvarnumber_T *unptr, int maxlen);
+void vim_str2nr(char_u *start, int *prep, int *len, int what, varnumber_T *nptr, uvarnumber_T *unptr, int maxlen, int strict);
int hex2nr(int c);
int hexhex2nr(char_u *p);
int rem_backslash(char_u *str);
call assert_equal('b', 'a'[4:0] . 'b')
call assert_equal('b', 'b' . 'a'[4:0])
endfunc
+
+func Test_broken_number()
+ let X = 'bad'
+ call assert_fails('echo 1X', 'E15:')
+ call assert_fails('echo 0b1X', 'E15:')
+ call assert_fails('echo 0b12', 'E15:')
+ call assert_fails('echo 0x1X', 'E15:')
+ call assert_fails('echo 011X', 'E15:')
+ call assert_equal(2, str2nr('2a'))
+ call assert_fails('inoremap <Char-0b1z> b', 'E474:')
+endfunc
call assert_fails('call json_decode("{{}:42}")', "E474:")
call assert_fails('call json_decode("{[]:42}")', "E474:")
+
+ call assert_fails('call json_decode("\"\\u111Z\"")', 'E474:')
+ call assert_equal('[😂]', json_decode('"[\uD83D\uDE02]"'))
+ call assert_equal('a😂b', json_decode('"a\uD83D\uDE02b"'))
endfunc
let s:jsl5 = '[7,,,]'
static int included_patches[] =
{ /* Add new patch number below this line */
+/**/
+ 1355,
/**/
1354,
/**/
projects / vim / commitdiff