Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(fileio): Fix off-by-one in rename_with_tmp
`_FORTIFY_SOURCE` on Ubuntu caught this, resulting in: [OLDTEST] Running test_rename Failed: test_rename :: Nvim exited with non-zero code Job exited with code 134 Screen (23 lines) ================================================================================ "test_rename.vim" "test_rename.vim" 120L, 3623B Executing Test_rename_copy() Executing Test_rename_dir_to_dir() Executing Test_rename_fails() Error detected while processing command line..script /<<BUILDDIR>>/neovim-0.9.5/test/old/testdir/runtest.vim[437]..function RunTheTest[44]..Test_rename_fails: line 17: E730: using List as a String line 18: E976: using Blob as a String Executing Test_rename_file_ignore_case()*** buffer overflow detected ***: terminated `snprintf`'s second parameter should be no greater than the number of remaining bytes in the allocated object. We can see that this was off by one, because in the simple case where `tail == tempname` (for a file in the current directory), `rename_with_tmp` was passing `MAXPATHL + 2` for an object allocated with a size of only `MAXPATHL + 1`. Introduced in 5f1a153.
- Loading branch information