From: Bram Moolenaar <Bram@vim.org>
Date: Wed, 27 Oct 2010 11:37:44 +0000 (+0200)
Subject: updated for version 7.3.040
X-Git-Tag: v7.3.040
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c395a3aac26875fd494a98b0a2221a414d9076d7;p=vim

updated for version 7.3.040
Problem:    Comparing strings while ignoring case goes beyond end of the
            string when there are illegal bytes. (Dominique Pelle)
Solution:   Explicitly check for illegal bytes.
---

diff --git a/src/mbyte.c b/src/mbyte.c
index 9c0b18791..61a7d8bd6 100644
--- a/src/mbyte.c
+++ b/src/mbyte.c
@@ -3124,6 +3124,9 @@ mb_strnicmp(s1, s2, nn)
 		/* If one of the two characters is incomplete return -1. */
 		if (incomplete || i + utf_byte2len(s2[i]) > n)
 		    return -1;
+		/* Don't case-fold illegal bytes or truncated characters. */
+		if (utf_ptr2len(s1 + i) < l || utf_ptr2len(s2 + i) < l)
+		    return -1;
 		cdiff = utf_fold(utf_ptr2char(s1 + i))
 					     - utf_fold(utf_ptr2char(s2 + i));
 		if (cdiff != 0)
diff --git a/src/version.c b/src/version.c
index b334cdb16..3285341ee 100644
--- a/src/version.c
+++ b/src/version.c
@@ -714,6 +714,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    40,
 /**/
     39,
 /**/