]> git.ipfire.org Git - thirdparty/vim.git/commit
patch 9.1.0678: [security]: use-after-free in alist_add() v9.1.0678
authorChristian Brabandt <cb@256bit.org>
Thu, 15 Aug 2024 20:15:28 +0000 (22:15 +0200)
committerChristian Brabandt <cb@256bit.org>
Thu, 15 Aug 2024 20:15:28 +0000 (22:15 +0200)
commit0a6e57b09bc8c76691b367a5babfb79b31b770e8
tree03442904cdd3bd40c7748a313f9cb66a3d6c3bbf
parent3b59be4ed8a145d3188934f1a5cd85432bd2433d
patch 9.1.0678: [security]: use-after-free in alist_add()

Problem:  [security]: use-after-free in alist_add()
          (SuyueGuo)
Solution: Lock the current window, so that the reference to
          the argument list remains valid.

This fixes CVE-2024-43374

Signed-off-by: Christian Brabandt <cb@256bit.org>
src/arglist.c
src/buffer.c
src/ex_cmds.c
src/proto/window.pro
src/structs.h
src/terminal.c
src/testdir/test_arglist.vim
src/version.c
src/window.c