To: vim_dev@googlegroups.com

Subject: Patch 7.3.148

Fcc: outbox

From: Bram Moolenaar <Bram@moolenaar.net>

Mime-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

------------

Patch 7.3.148

Problem:    A syntax file with a huge number of items or clusters causes weird

	    behavior, a hang or a crash. (Yukihiro Nakadaira)

Solution:   Check running out of IDs. (partly by Ben Schmidt)

Files:	    src/syntax.c

*** ../vim-7.3.147/src/syntax.c	2011-01-22 00:58:15.000000000 +0100

--- src/syntax.c	2011-04-01 14:25:39.000000000 +0200

***************

*** 219,234 ****

  /*

   * Syntax group IDs have different types:

!  *     0 -  9999  normal syntax groups

!  * 10000 - 14999  ALLBUT indicator (current_syn_inc_tag added)

!  * 15000 - 19999  TOP indicator (current_syn_inc_tag added)

!  * 20000 - 24999  CONTAINED indicator (current_syn_inc_tag added)

!  * >= 25000	  cluster IDs (subtract SYNID_CLUSTER for the cluster ID)

!  */

! #define SYNID_ALLBUT	10000	    /* syntax group ID for contains=ALLBUT */

! #define SYNID_TOP	15000	    /* syntax group ID for contains=TOP */

! #define SYNID_CONTAINED	20000	    /* syntax group ID for contains=CONTAINED */

! #define SYNID_CLUSTER	25000	    /* first syntax group ID for clusters */

  /*

   * Annoying Hack(TM):  ":syn include" needs this pointer to pass to

--- 219,238 ----

  /*

   * Syntax group IDs have different types:

!  *     0 - 19999  normal syntax groups

!  * 20000 - 20999  ALLBUT indicator (current_syn_inc_tag added)

!  * 21000 - 21999  TOP indicator (current_syn_inc_tag added)

!  * 22000 - 22999  CONTAINED indicator (current_syn_inc_tag added)

!  * 23000 - 32767  cluster IDs (subtract SYNID_CLUSTER for the cluster ID)

!  */

! #define SYNID_ALLBUT	20000	    /* syntax group ID for contains=ALLBUT */

! #define SYNID_TOP	21000	    /* syntax group ID for contains=TOP */

! #define SYNID_CONTAINED	22000	    /* syntax group ID for contains=CONTAINED */

! #define SYNID_CLUSTER	23000	    /* first syntax group ID for clusters */

! 

! #define MAX_SYNID       SYNID_ALLBUT

! #define MAX_SYN_INC_TAG	999	    /* maximum before the above overflow */

! #define MAX_CLUSTER_ID  (32767 - SYNID_CLUSTER)

  /*

   * Annoying Hack(TM):  ":syn include" needs this pointer to pass to

***************

*** 3442,3447 ****

--- 3446,3454 ----

      /* free the stored states */

      syn_stack_free_all(block);

      invalidate_current_state();

+ 

+     /* Reset the counter for ":syn include" */

+     running_syn_inc_tag = 0;

  }

  /*

***************

*** 4661,4666 ****

--- 4668,4675 ----

  	    return;

  	}

  	sgl_id = syn_check_cluster(arg, (int)(group_name_end - arg));

+ 	if (sgl_id == 0)

+ 	    return;

  	/* separate_nextcmd() and expand_filename() depend on this */

  	eap->arg = rest;

      }

***************

*** 4689,4694 ****

--- 4698,4708 ----

       * Save and restore the existing top-level grouplist id and ":syn

       * include" tag around the actual inclusion.

       */

+     if (running_syn_inc_tag >= MAX_SYN_INC_TAG)

+     {

+ 	EMSG((char_u *)_("E847: Too many syntax includes"));

+ 	return;

+     }

      prev_syn_inc_tag = current_syn_inc_tag;

      current_syn_inc_tag = ++running_syn_inc_tag;

      prev_toplvl_grp = curwin->w_s->b_syn_topgrp;

***************

*** 4712,4718 ****

      char_u	*group_name_end;

      int		syn_id;

      char_u	*rest;

!     char_u	*keyword_copy;

      char_u	*p;

      char_u	*kw;

      syn_opt_arg_T syn_opt_arg;

--- 4726,4732 ----

      char_u	*group_name_end;

      int		syn_id;

      char_u	*rest;

!     char_u	*keyword_copy = NULL;

      char_u	*p;

      char_u	*kw;

      syn_opt_arg_T syn_opt_arg;

***************

*** 4724,4732 ****

      if (rest != NULL)

      {

  	syn_id = syn_check_group(arg, (int)(group_name_end - arg));

! 

! 	/* allocate a buffer, for removing the backslashes in the keyword */

! 	keyword_copy = alloc((unsigned)STRLEN(rest) + 1);

  	if (keyword_copy != NULL)

  	{

  	    syn_opt_arg.flags = 0;

--- 4738,4746 ----

      if (rest != NULL)

      {

  	syn_id = syn_check_group(arg, (int)(group_name_end - arg));

! 	if (syn_id != 0)

! 	    /* allocate a buffer, for removing backslashes in the keyword */

! 	    keyword_copy = alloc((unsigned)STRLEN(rest) + 1);

  	if (keyword_copy != NULL)

  	{

  	    syn_opt_arg.flags = 0;

***************

*** 5133,5139 ****

  			    (item == ITEM_SKIP) ? SPTYPE_SKIP : SPTYPE_END;

  		    SYN_ITEMS(curwin->w_s)[idx].sp_flags |= syn_opt_arg.flags;

  		    SYN_ITEMS(curwin->w_s)[idx].sp_syn.id = syn_id;

! 		    SYN_ITEMS(curwin->w_s)[idx].sp_syn.inc_tag = current_syn_inc_tag;

  		    SYN_ITEMS(curwin->w_s)[idx].sp_syn_match_id =

  							ppp->pp_matchgroup_id;

  #ifdef FEAT_CONCEAL

--- 5147,5154 ----

  			    (item == ITEM_SKIP) ? SPTYPE_SKIP : SPTYPE_END;

  		    SYN_ITEMS(curwin->w_s)[idx].sp_flags |= syn_opt_arg.flags;

  		    SYN_ITEMS(curwin->w_s)[idx].sp_syn.id = syn_id;

! 		    SYN_ITEMS(curwin->w_s)[idx].sp_syn.inc_tag =

! 							  current_syn_inc_tag;

  		    SYN_ITEMS(curwin->w_s)[idx].sp_syn_match_id =

  							ppp->pp_matchgroup_id;

  #ifdef FEAT_CONCEAL

***************

*** 5426,5431 ****

--- 5441,5454 ----

  	curwin->w_s->b_syn_clusters.ga_growsize = 10;

      }

+     len = curwin->w_s->b_syn_clusters.ga_len;

+     if (len >= MAX_CLUSTER_ID)

+     {

+ 	EMSG((char_u *)_("E848: Too many syntax clusters"));

+ 	vim_free(name);

+ 	return 0;

+     }

+ 

      /*

       * Make room for at least one other cluster entry.

       */

***************

*** 5434,5440 ****

  	vim_free(name);

  	return 0;

      }

-     len = curwin->w_s->b_syn_clusters.ga_len;

      vim_memset(&(SYN_CLSTR(curwin->w_s)[len]), 0, sizeof(syn_cluster_T));

      SYN_CLSTR(curwin->w_s)[len].scl_name = name;

--- 5457,5462 ----

***************

*** 5476,5483 ****

      if (rest != NULL)

      {

! 	scl_id = syn_check_cluster(arg, (int)(group_name_end - arg))

! 							      - SYNID_CLUSTER;

  	for (;;)

  	{

--- 5498,5507 ----

      if (rest != NULL)

      {

! 	scl_id = syn_check_cluster(arg, (int)(group_name_end - arg));

! 	if (scl_id == 0)

! 	    return;

! 	scl_id -= SYNID_CLUSTER;

  	for (;;)

  	{

***************

*** 5516,5522 ****

  	if (got_clstr)

  	{

  	    redraw_curbuf_later(SOME_VALID);

! 	    syn_stack_free_all(curwin->w_s);	/* Need to recompute all syntax. */

  	}

      }

--- 5540,5546 ----

  	if (got_clstr)

  	{

  	    redraw_curbuf_later(SOME_VALID);

! 	    syn_stack_free_all(curwin->w_s);	/* Need to recompute all. */

  	}

      }

***************

*** 8972,8977 ****

--- 8996,9008 ----

  	highlight_ga.ga_growsize = 10;

      }

+     if (highlight_ga.ga_len >= MAX_SYNID)

+     {

+ 	EMSG(_("E849: Too many syntax groups"));

+ 	vim_free(name);

+ 	return 0;

+     }

+ 

      /*

       * Make room for at least one other syntax_highlight entry.

       */

*** ../vim-7.3.147/src/version.c	2011-04-01 13:05:37.000000000 +0200

--- src/version.c	2011-04-01 14:26:44.000000000 +0200

***************

*** 716,717 ****

--- 716,719 ----

  {   /* Add new patch number below this line */

+ /**/

+     148,

  /**/

-- 

BLACK KNIGHT: None shall pass.

ARTHUR:       I have no quarrel with you, brave Sir knight, but I must cross

              this bridge.

BLACK KNIGHT: Then you shall die.

                 "Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD

 /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net   \\\

///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\

\\\  an exciting new programming language -- http://www.Zimbu.org        ///

 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///