VimPlug/fzf
1
0
Fork 0
mirror of https://github.com/junegunn/fzf.git synced 2026-05-25 17:58:50 +08:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Fix integer overflow in FuzzyMatchV2 guard on 32-bit builds

Browse Source 
On 32-bit platforms (GOARCH=386, arm), N*M overflows int when N is
large and M approaches 1000, wrapping negative. The wrapped value
slips past both `N*M > cap(slab.I16)` and `M > 1000`, so the V1
fallback is skipped and alloc16 panics on a negative slice bound.

Cast to int64 before multiplying.

Affects shipped 32-bit ARM builds (linux_armv5/6/7, windows_armv5/6/7).

Reported with fix by Michal Majchrowicz and Marcin Wyczechowski
(AFINE Team).
This commit is contained in:
Junegunn Choi
2026-05-23 23:06:47 +09:00
parent d4352a013d
commit ccedd064ca
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/algo/algo.go
+1 -1
View File
@@ -443,7 +443,7 @@ func FuzzyMatchV2(caseSensitive bool, normalize bool, forward bool, input *util.
// we fall back to the greedy algorithm. // we fall back to the greedy algorithm.
// Also, we should not allow a very long pattern to avoid 16-bit integer // Also, we should not allow a very long pattern to avoid 16-bit integer
// overflow in the score matrix. 1000 is a safe limit. // overflow in the score matrix. 1000 is a safe limit.
if slab != nil && N*M > cap(slab.I16) || M > 1000 { if slab != nil && int64(N)*int64(M) > int64(cap(slab.I16)) || M > 1000 {
return FuzzyMatchV1(caseSensitive, normalize, forward, input, pattern, withPos, slab) return FuzzyMatchV1(caseSensitive, normalize, forward, input, pattern, withPos, slab)
} }