]> git.ipfire.org Git - thirdparty/vim.git/commitdiff
projects / thirdparty / vim.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 77111e2)
patch 8.2.3247: using uninitialized memory when checking for crypt method v8.2.3247
authorBram Moolenaar <Bram@vim.org>
Thu, 29 Jul 2021 19:23:50 +0000 (21:23 +0200)
committerBram Moolenaar <Bram@vim.org>
Thu, 29 Jul 2021 19:23:50 +0000 (21:23 +0200)
Problem:    Using uninitialized memory when checking for crypt method.
Solution:   Check the header length before using the salt and seed.

src/fileio.c patch | blob | blame | history
src/version.c patch | blob | blame | history

diff --git a/src/fileio.c b/src/fileio.c
index 81a7b5091595fe70ee341d152331bea5077bfe10..eb46f1fd86c0298622da7eaf5576cc574d4f1b66 100644 (file)
--- a/src/fileio.c
+++ b/src/fileio.c
@@ -2917,15 +2917,16 @@ check_for_cryptkey(
        {
            int header_len;
 
-           curbuf->b_cryptstate = crypt_create_from_header(
-                                                      method, cryptkey, ptr);
-           crypt_set_cm_option(curbuf, method);
-
-           // Remove cryptmethod specific header from the text.
            header_len = crypt_get_header_len(method);
            if (*sizep <= header_len)
                // invalid header, buffer can't be encrypted
                return NULL;
+
+           curbuf->b_cryptstate = crypt_create_from_header(
+                                                       method, cryptkey, ptr);
+           crypt_set_cm_option(curbuf, method);
+
+           // Remove cryptmethod specific header from the text.
            *filesizep += header_len;
            *sizep -= header_len;
            mch_memmove(ptr, ptr + header_len, (size_t)*sizep);
diff --git a/src/version.c b/src/version.c
index 7710018b3158dd6b882fc2e670ea972b176a29b5..c120a2bc79ce601457018118d10354cef321ae48 100644 (file)
--- a/src/version.c
+++ b/src/version.c
@@ -755,6 +755,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    3247,
 /**/
     3246,
 /**/
Mirror of https://github.com/vim/vim.git