patch 8.1.1827: allocating more memory than needed for extended structs

author Bram Moolenaar <Bram@vim.org>

Thu, 8 Aug 2019 18:49:14 +0000 (20:49 +0200)

committer Bram Moolenaar <Bram@vim.org>

Thu, 8 Aug 2019 18:49:14 +0000 (20:49 +0200)
author Bram Moolenaar <Bram@vim.org>
Thu, 8 Aug 2019 18:49:14 +0000 (20:49 +0200)
committer Bram Moolenaar <Bram@vim.org>
Thu, 8 Aug 2019 18:49:14 +0000 (20:49 +0200)
diff --git a/src/getchar.c b/src/getchar.c

index 4a3587c3f27d4dad7650cf1404d7597f1a148676..b0e72f58f28490cc65e43b7a638d3e31d22eb80b 100644 (file)
--- a/src/getchar.c
+++ b/src/getchar.c
@@ -232,7 +232,7 @@ add_buff(
             len = MINIMAL_SIZE;
         else
             len = slen;
-       p = alloc(sizeof(buffblock_T) + len);
+       p = alloc(offsetof(buffblock_T, b_str) + len + 1);
         if (p == NULL)
             return; /* no space, just forget it */
         buf->bh_space = (int)(len - slen);
diff --git a/src/regexp.c b/src/regexp.c

index c95795d0c9a7cc5e27047ceec453fc0a15e68250..dd99607f49a8e970e295cf04db50acc6e40edbb5 100644 (file)
--- a/src/regexp.c
+++ b/src/regexp.c
@@ -1319,7 +1319,7 @@ bt_regcomp(char_u *expr, int re_flags)
         return NULL;
  
      /* Allocate space. */
-    r = alloc(sizeof(bt_regprog_T) + regsize);
+    r = alloc(offsetof(bt_regprog_T, program) + regsize);
      if (r == NULL)
         return NULL;
      r->re_in_use = FALSE;
diff --git a/src/sign.c b/src/sign.c

index 2cec269f94b0c7f333b4170af53065e58a38f949..9a7ca21bae55f5a031ab22379a70729551ba62b3 100644 (file)
--- a/src/sign.c
+++ b/src/sign.c
@@ -85,7 +85,7 @@ sign_group_ref(char_u *groupname)
      if (HASHITEM_EMPTY(hi))
      {
         // new group
-       group = alloc(sizeof(signgroup_T) + STRLEN(groupname));
+       group = alloc(offsetof(signgroup_T, sg_name) + STRLEN(groupname) + 1);
         if (group == NULL)
             return NULL;
         STRCPY(group->sg_name, groupname);
diff --git a/src/structs.h b/src/structs.h

index c34bbeb7ba2cc67a879df0386a73a7aa86c19786..0aedbbd2ca5945b61a174ccbb0c73583d3dc72f1 100644 (file)
--- a/src/structs.h
+++ b/src/structs.h
@@ -742,9 +742,9 @@ typedef struct proptype_S
  // Sign group
  typedef struct signgroup_S
  {
-    short_u    refcount;               // number of signs in this group
      int                next_sign_id;           // next sign id for this group
-    char_u     sg_name[1];             // sign group name
+    short_u    refcount;               // number of signs in this group
+    char_u     sg_name[1];             // sign group name, actually longer
  } signgroup_T;
  
  typedef struct signlist signlist_T;
diff --git a/src/syntax.c b/src/syntax.c

index ad2e1a0cc98c1470d27e46a23d5b6cf99a926918..3d06f44f7791b7f5bb5fa4089f6abb64692174ad 100644 (file)
--- a/src/syntax.c
+++ b/src/syntax.c
@@ -4394,7 +4394,7 @@ add_keyword(
                                                  name_folded, MAXKEYWLEN + 1);
      else
         name_ic = name;
-    kp = alloc(sizeof(keyentry_T) + STRLEN(name_ic));
+    kp = alloc(offsetof(keyentry_T, keyword) + STRLEN(name_ic) + 1);
      if (kp == NULL)
         return;
      STRCPY(kp->keyword, name_ic);
diff --git a/src/textprop.c b/src/textprop.c

index f219b925fa1a4833900f7e494d9e326e5d833bbf..a976414290813c9120efaa9b5c1dce246128efcb 100644 (file)
--- a/src/textprop.c
+++ b/src/textprop.c
@@ -695,7 +695,7 @@ prop_type_set(typval_T *argvars, int add)
             semsg(_("E969: Property type %s already defined"), name);
             return;
         }
-       prop = alloc_clear(sizeof(proptype_T) + STRLEN(name));
+       prop = alloc_clear(offsetof(proptype_T, pt_name) + STRLEN(name) + 1);
         if (prop == NULL)
             return;
         STRCPY(prop->pt_name, name);
diff --git a/src/userfunc.c b/src/userfunc.c

index a739a757b7213f3b5cd9b2a349e356250eefd068..2bdc2b1cd98d3b4933985dc256f22cffa8893b4f 100644 (file)
--- a/src/userfunc.c
+++ b/src/userfunc.c
@@ -288,7 +288,7 @@ get_lambda_tv(char_u **arg, typval_T *rettv, int evaluate)
  
         sprintf((char*)name, "<lambda>%d", ++lambda_no);
  
-       fp = alloc_clear(sizeof(ufunc_T) + STRLEN(name));
+       fp = alloc_clear(offsetof(ufunc_T, uf_name) + STRLEN(name) + 1);
         if (fp == NULL)
             goto errret;
         pt = ALLOC_CLEAR_ONE(partial_T);
@@ -2631,7 +2631,7 @@ ex_function(exarg_T *eap)
             }
         }
  
-       fp = alloc_clear(sizeof(ufunc_T) + STRLEN(name));
+       fp = alloc_clear(offsetof(ufunc_T, uf_name) + STRLEN(name) + 1);
         if (fp == NULL)
             goto erret;
  
diff --git a/src/version.c b/src/version.c

index 93b8a2dcc64cbe83e1c6550e876f6e4fbcb99ca3..4f8f152cd820cf69836886bfb0343da2d0732906 100644 (file)
--- a/src/version.c
+++ b/src/version.c
@@ -769,6 +769,8 @@ static char *(features[]) =
  
  static int included_patches[] =
  {   /* Add new patch number below this line */
+/**/
+    1827,
  /**/
      1826,
  /**/
author	Bram Moolenaar <Bram@vim.org>
	Thu, 8 Aug 2019 18:49:14 +0000 (20:49 +0200)
committer	Bram Moolenaar <Bram@vim.org>
	Thu, 8 Aug 2019 18:49:14 +0000 (20:49 +0200)
src/getchar.c		patch \| blob \| history
src/regexp.c		patch \| blob \| history
src/sign.c		patch \| blob \| history
src/structs.h		patch \| blob \| history
src/syntax.c		patch \| blob \| history
src/textprop.c		patch \| blob \| history
src/userfunc.c		patch \| blob \| history
src/version.c		patch \| blob \| history