From 33f3c5985491032d5bdfc30e722e85d5a0285e64 Mon Sep 17 00:00:00 2001
From: Bram Moolenaar <Bram@vim.org>
Date: Sat, 12 Feb 2022 20:46:15 +0000
Subject: [PATCH] patch 8.2.4362: :retab may allocate too much memory

Problem:    :retab may allocate too much memory.
Solution:   Bail out when allocating more than MAXCOL bytes.
---
 src/indent.c  | 9 ++++++++-
 src/version.c | 2 ++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/indent.c b/src/indent.c
index 232c534973..3148495db1 100644
--- a/src/indent.c
+++ b/src/indent.c
@@ -1607,6 +1607,7 @@ ex_retab(exarg_T *eap)
     long	start_col = 0;		// For start of white-space string
     long	start_vcol = 0;		// For start of white-space string
     long	old_len;
+    long	new_len;
     char_u	*ptr;
     char_u	*new_line = (char_u *)1; // init to non-NULL
     int		did_undo;		// called u_save for current line
@@ -1724,7 +1725,13 @@ ex_retab(exarg_T *eap)
 			// len is actual number of white characters used
 			len = num_spaces + num_tabs;
 			old_len = (long)STRLEN(ptr);
-			new_line = alloc(old_len - col + start_col + len + 1);
+			new_len = old_len - col + start_col + len + 1;
+			if (new_len >= MAXCOL)
+			{
+			    emsg(_(e_resulting_text_too_long));
+			    break;
+			}
+			new_line = alloc(new_len);
 			if (new_line == NULL)
 			    break;
 			if (start_col > 0)
diff --git a/src/version.c b/src/version.c
index 933fe36062..1fc176779d 100644
--- a/src/version.c
+++ b/src/version.c
@@ -750,6 +750,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    4362,
 /**/
     4361,
 /**/