vi: correctly detect when a deletion empties the buffer

Michał Berger has reported two issues:

- Repeatedly deleting and undoing the deletion of the last line
  results in characters being lost from the end of the line.

- Deleting the bottom line twice then attempting to undo each of
  these deletions results in a segfault.

The problem seems to be an incorrect test for whether the text buffer
is empty.

Reported-by: Michał Berger <michallinuxstuff@gmail.com>
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

diff --git a/editors/vi.c b/editors/vi.c
index ee3c7feb2fdb9ef91f4cd06ce9cf720a8c0b0df0..2715294045ba436fbcf9c2581a099f67f2c7ab93 100644 (file)
--- a/editors/vi.c
+++ b/editors/vi.c
@@ -2364,7 +2364,7 @@ static void undo_push(char *src, unsigned int length, uint8_t u_type)     // Add to
        // Allocate a new undo object
        if (u_type == UNDO_DEL || u_type == UNDO_DEL_CHAIN) {
                // For UNDO_DEL objects, save deleted text
-               if ((src + length) == end)
+               if ((text + length) == end)
                        length--;
                // If this deletion empties text[], strip the newline. When the buffer becomes
                // zero-length, a newline is added back, which requires this to compensate.