From e8feaa354e685e527198093904492f67c52c2302 Mon Sep 17 00:00:00 2001 From: zeertzjq Date: Thu, 1 Aug 2024 22:48:53 +0200 Subject: [PATCH] patch 9.1.0650: Coverity warning in cstrncmp() Problem: Coverity warning in cstrncmp() (after v9.1.0645) Solution: Change the type of n2 to int. (zeertzjq) ________________________________________________________________________________________________________ *** CID 1615684: Integer handling issues (INTEGER_OVERFLOW) /src/regexp.c: 1757 in cstrncmp() 1751 n1 -= mb_ptr2len(s1); 1752 MB_PTR_ADV(p); 1753 n2++; 1754 } 1755 // count the number of bytes to advance the same number of chars for s2 1756 p = s2; >>> CID 1615684: Integer handling issues (INTEGER_OVERFLOW) >>> Expression "n2--", which is equal to 18446744073709551615, where "n2" is known to be equal to 0, underflows the type that receives it, an unsigned integer 64 bits wide. 1757 while (n2-- > 0 && *p != NUL) 1758 MB_PTR_ADV(p); 1759 1760 n2 = p - s2; 1761 1762 result = MB_STRNICMP2(s1, s2, *n, n2); closes: #15409 Signed-off-by: zeertzjq Signed-off-by: Christian Brabandt --- src/regexp.c | 4 ++-- src/version.c | 2 ++ 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/regexp.c b/src/regexp.c index a1b080e7d9..b020a43e83 100644 --- a/src/regexp.c +++ b/src/regexp.c @@ -1743,7 +1743,7 @@ cstrncmp(char_u *s1, char_u *s2, int *n) else if (enc_utf8) { char_u *p = s1; - size_t n2 = 0; + int n2 = 0; int n1 = *n; // count the number of characters for byte-length of s1 while (n1 > 0 && *p != NUL) @@ -1760,7 +1760,7 @@ cstrncmp(char_u *s1, char_u *s2, int *n) n2 = p - s2; result = MB_STRNICMP2(s1, s2, *n, n2); - if (result == 0 && (int)n2 < *n) + if (result == 0 && n2 < *n) *n = n2; } else diff --git a/src/version.c b/src/version.c index 76b00a9898..c8527db604 100644 --- a/src/version.c +++ b/src/version.c @@ -704,6 +704,8 @@ static char *(features[]) = static int included_patches[] = { /* Add new patch number below this line */ +/**/ + 650, /**/ 649, /**/