patch 8.2.2515: memory access error when truncating an empty message

brammool · brammool · commit 6281815eccc3 · 2021-02-14T15:37:30.000+01:00
Problem:    Memory access error when truncating an empty message.
Solution:   Check for an empty string. (Dominique Pellé, closes #7841)
diff --git a/src/message.c b/src/message.c
@@ -248,6 +248,13 @@ trunc_string(
     int		i;
     int		n;
 
+    if (*s == NUL)
+    {
+	if (buflen > 0)
+	    *buf = NUL;
+	return;
+    }
+
     if (room_in < 3)
 	room = 0;
     half = room / 2;
diff --git a/src/message_test.c b/src/message_test.c
@@ -49,6 +49,15 @@ test_trunc_string(void)
     char_u  *buf; /*allocated every time to find uninit errors */
     char_u  *s;
 
+    // Should not write anything to destination if buflen is 0.
+    trunc_string((char_u *)"", NULL, 1, 0);
+
+    // Truncating an empty string does nothing.
+    buf = alloc(1);
+    trunc_string((char_u *)"", buf, 1, 1);
+    assert(buf[0] == NUL);
+    vim_free(buf);
+
     // in place
     buf = alloc(40);
     STRCPY(buf, "text");
diff --git a/src/version.c b/src/version.c
@@ -750,6 +750,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    2515,
 /**/
     2514,
 /**/
