annotate SECURITY.md @ 35896:04ade45535d3 v9.1.0658

patch 9.1.0658: Coverity warns about dereferencing NULL pointer.

Commit: https://github.com/vim/vim/commit/62d861741b92c45d05925d0685f3b06490011783
Author: zeertzjq <zeertzjq@outlook.com>
Date: Sat Aug 3 14:52:00 2024 +0200

patch 9.1.0658: Coverity warns about dereferencing NULL pointer.

Problem: Coverity warns about dereferencing NULL pointer.
Solution: Bail out if vim_strrchr() returns NULL. (zeertzjq)

________________________________________________________________________________________________________
*** CID 1616019: (NULL_RETURNS)
/src/help.c: 834 in fix_help_buffer()
828 continue;
829 t2 = gettail(f2);
830 e2 = vim_strrchr(t2, '.');
831 if (e1 - f1 != e2 - f2
832 || fnamencmp(f1, f2, e1 - f1) != 0)
833 continue;
>>> CID 1616019: (NULL_RETURNS)
>>> Dereferencing a pointer that might be "NULL" "(char_u *)e2" when calling "vim_fnamecmp".
834 if (fnamecmp(e1, ".txt") == 0
835 && fnamecmp(e2, fname + 4) == 0)
836 // use .abx instead of .txt
837 VIM_CLEAR(fnames[i1]);
838 }
839 }
/src/help.c: 816 in fix_help_buffer()
810 // the same directory.
811 for (i1 = 0; i1 < fcount; ++i1)
812 {
813 f1 = fnames[i1];
814 t1 = gettail(f1);
815 e1 = vim_strrchr(t1, '.');
>>> CID 1616019: (NULL_RETURNS)
>>> Dereferencing a pointer that might be "NULL" "(char_u *)e1" when calling "vim_fnamecmp".
816 if (fnamecmp(e1, ".txt") != 0
817 && fnamecmp(e1, fname + 4) != 0)
818 {
819 // Not .txt and not .abx, remove it.
820 VIM_CLEAR(fnames[i1]);
821 continue;

closes: #15420

Signed-off-by: zeertzjq <zeertzjq@outlook.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
author Christian Brabandt <cb@256bit.org>
date Sat, 03 Aug 2024 15:00:04 +0200
parents 13e4398925ea
children
rev 32717 (b807b0aa8e1f): Add security policy (#12687), Christian Brabandt <cb@256bit.org>
rev 33648 (13e4398925ea): please report security issues to the vim-security list, Christian Brabandt <cb@256bit.org>, parents: 33616

rev    line  source
32717  1     # Security Policy
32717  2
32717  3     ## Reporting a vulnerability
32717  4
33648  5     If you want to report a security issue, please privately disclose the issue to the vim-security mailing list
33648  6     vim-security@googlegroups.com
33648  7
33648  8     This is a private list, read only by the maintainers, but anybody can post, after moderation.
32717  9
32717  10    **Please don't publicly disclose the issue until it has been addressed by us.**