]> git.ipfire.org Git - thirdparty/vim.git/commit
projects / thirdparty / vim.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 95e9078) | patch
patch 9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft' v9.1.0689
authorChristian Brabandt <cb@256bit.org>
Thu, 22 Aug 2024 19:40:14 +0000 (21:40 +0200)
committerChristian Brabandt <cb@256bit.org>
Thu, 22 Aug 2024 19:40:14 +0000 (21:40 +0200)
commitcacb6693c10bb19f28a50eca47bc4bc33eccbae3
tree2eeb32f04fc39ff7a9cbaadcff92337c79713266tree | snapshot
parent95e90781a4c92b7b061213cfa38b35bdbf719cc1commit | diff
patch 9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft'

Problem:  buffer-overflow in do_search() with 'rightleft'
          (SuyueGuo)
Solution: after reversing the text (which allocates a new buffer),
          re-calculate the text length

Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-v2x2-cjcg-f9jm

Signed-off-by: Christian Brabandt <cb@256bit.org>
src/search.c diff | blob | blame | history
src/testdir/crash/reverse_text_overflow [new file with mode: 0644] blob
src/testdir/test_crash.vim diff | blob | blame | history
src/version.c diff | blob | blame | history
Mirror of https://github.com/vim/vim.git