patch 8.1.0908: can't handle large value for %{nr}v in regexp

Problem:    Can't handle large value for %{nr}v in regexp. (Kuang-che Wu)
Solution:   Give an error if the value is too large. (closes #3948)

diff --git a/src/regexp_nfa.c b/src/regexp_nfa.c
index 18bc8d9a601743f591cc527756ec44acf2105821..3e2ef93fa1dbd3556171b28e2a9bafc90407bde5 100644 (file)
--- a/src/regexp_nfa.c
+++ b/src/regexp_nfa.c
@@ -1550,6 +1550,8 @@ nfa_regatom(void)
                        }
                        if (c == 'l' || c == 'c' || c == 'v')
                        {
+                           int limit = INT_MAX;
+
                            if (c == 'l')
                            {
                                /* \%{n}l  \%{n}<l  \%{n}>l  */
@@ -1563,16 +1565,17 @@ nfa_regatom(void)
                                EMIT(cmp == '<' ? NFA_COL_LT :
                                     cmp == '>' ? NFA_COL_GT : NFA_COL);
                            else
+                           {
                                /* \%{n}v  \%{n}<v  \%{n}>v  */
                                EMIT(cmp == '<' ? NFA_VCOL_LT :
                                     cmp == '>' ? NFA_VCOL_GT : NFA_VCOL);
-#if VIM_SIZEOF_INT < VIM_SIZEOF_LONG
-                           if (n > INT_MAX)
+                               limit = INT_MAX / MB_MAXBYTES;
+                           }
+                           if (n >= limit)
                            {
                                emsg(_("E951: \\% value too large"));
                                return FAIL;
                            }
-#endif
                            EMIT((int)n);
                            break;
                        }

diff --git a/src/version.c b/src/version.c
index a66e8b6adf5c4b80040a5b6e62ec83c53304c626..a6d7addc6928ba18fb716de61f4e4ecb64398716 100644 (file)
--- a/src/version.c
+++ b/src/version.c
@@ -783,6 +783,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    908,
 /**/
     907,
 /**/