patch 8.0.0636: when reading the undo file fails may use uninitialized data v8.0.0636
authorBram Moolenaar <Bram@vim.org>
Sun, 11 Jun 2017 21:09:15 +0000 (23:09 +0200)
committerBram Moolenaar <Bram@vim.org>
Sun, 11 Jun 2017 21:09:15 +0000 (23:09 +0200)
Problem:    When reading the undo file fails, uninitialized data may be used.
Solution:   Always clear the buffer on failure.

src/undo.c
src/version.c

index 82c66b6ef0049c8e98ccae9000c524464cca7ff4..aeca25f009509beb0fa968b03878402dae22b2b0 100644 (file)
@@ -1063,6 +1063,8 @@ undo_read_time(bufinfo_T *bi)
     static int
 undo_read(bufinfo_T *bi, char_u *buffer, size_t size)
 {
+    int retval = OK;
+
 #ifdef FEAT_CRYPT
     if (bi->bi_buffer != NULL)
     {
@@ -1078,10 +1080,8 @@ undo_read(bufinfo_T *bi, char_u *buffer, size_t size)
                n = fread(bi->bi_buffer, 1, (size_t)CRYPT_BUF_SIZE, bi->bi_fp);
                if (n == 0)
                {
-                   /* Error may be checked for only later.  Fill with zeros,
-                    * so that the reader won't use garbage. */
-                   vim_memset(p, 0, size_todo);
-                   return FAIL;
+                   retval = FAIL;
+                   break;
                }
                bi->bi_avail = n;
                bi->bi_used = 0;
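Review bot: At the `retval = FAIL; break;` site nothing says what happens to the caller's buffer any more, because the explanatory comment moved to the end of the function in the last hunk of this file. A reader of the decrypt loop cannot tell from here that bytes already copied into `buffer` by earlier iterations are wiped as well, which is the property that keeps a truncated undo file from leaving partly filled data behind. I would add a one-line comment above the assignment, `/* read failed: the whole buffer is zeroed after the loop */`. The enclosing loop and the start of undo_read are outside this hunk, so this assumes `break` leaves the chunk loop directly.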
@@ -1095,12 +1095,17 @@ undo_read(bufinfo_T *bi, char_u *buffer, size_t size)
            size_todo -= (int)n;
            p += n;
        }
-       return OK;
     }
+    else
 #endif
     if (fread(buffer, (size_t)size, 1, bi->bi_fp) != 1)
-       return FAIL;
-    return OK;
+       retval = FAIL;
+
+    if (retval == FAIL)
+       /* Error may be checked for only later.  Fill with zeros,
+        * so that the reader won't use garbage. */
+       vim_memset(buffer, 0, size);
+    return retval;
 }
 
 /*
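Review bot: The `else` added just before `#endif` binds to whatever statement comes first after the preprocessor block, here the unbraced `if (fread(...) != 1)`. Under FEAT_CRYPT, any line later inserted between `#endif` and that `if` would silently become the else-body, and the plain `fread()` would then also run after the decrypt path. Since this function is what stops a failed undo-file read from handing uninitialized memory to the parser, I would mark the coupling with `else /* plain fread() below is the non-crypt branch */`. I would also brace the zero-fill, whose body is a two-line comment plus one statement: `if (retval == FAIL) {` … `vim_memset(buffer, 0, size); }`. The beginning of undo_read is outside this hunk.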
index cac2c876d40d4d030362845ee012094fde1a37bc..6d33f125d7f2920f39db1d6b04dd90e55bdf1f5d 100644 (file)
@@ -764,6 +764,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    636,
 /**/
     635,
 /**/