vim: src/testdir/test_crash.vim annotate

annotate src/testdir/test_crash.vim @ 36048:179d2e139736 v9.1.0697

patch 9.1.0697: [security]: heap-buffer-overflow in ins_typebuf Commit: https://github.com/vim/vim/commit/322ba9108612bead5eb7731ccb66763dec69ef1b Author: Christian Brabandt <cb@256bit.org> Date: Sun Aug 25 21:33:03 2024 +0200 patch 9.1.0697: [security]: heap-buffer-overflow in ins_typebuf Problem: heap-buffer-overflow in ins_typebuf (SuyueGuo) Solution: When flushing the typeahead buffer, validate that there is enough space left Github Advisory: https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh Signed-off-by: Christian Brabandt <cb@256bit.org>

author	Christian Brabandt <cb@256bit.org>
date	Sun, 25 Aug 2024 21:45:04 +0200
parents	23090f17734a
children	a8dc83448e70

rev	line source
33115 e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	1 " Some tests, that used to crash Vim
e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	2 source check.vim
e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	3 source screendump.vim
e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	4
e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	5 CheckScreendump
e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	6
e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	7 func Test_crash1()
33185 1ee65fdbd791 patch 9.0.1872: CI: test_crash() fails on CI Christian Brabandt <cb@256bit.org> parents: 33176 diff changeset	8 CheckNotBSD
33199 3395f1cbe3ab patch 9.0.1878: tests running sh have problems Christian Brabandt <cb@256bit.org> parents: 33193 diff changeset	9 CheckExecutable dash
33208 ed46a7531bb3 patch 9.0.1882: Trailing white space in tests Christian Brabandt <cb@256bit.org> parents: 33206 diff changeset	10 " Test 7 fails on Mac ...
33206 3737c8d06c2f patch 9.0.1881: Test_crash fails on Mac Christian Brabandt <cb@256bit.org> parents: 33199 diff changeset	11 CheckNotMac
33185 1ee65fdbd791 patch 9.0.1872: CI: test_crash() fails on CI Christian Brabandt <cb@256bit.org> parents: 33176 diff changeset	12
33115 e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	13 " The following used to crash Vim
33144 9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	14 let opts = #{cmd: 'sh'}
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	15 let vim = GetVimProg()
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	16
33150 cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	17 let buf = RunVimInTerminal('sh', opts)
33144 9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	18
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	19 let file = 'crash/poc_huaf1'
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	20 let cmn_args = "%s -u NONE -i NONE -n -e -s -S %s -c ':qa!'"
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	21 let args = printf(cmn_args, vim, file)
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	22 call term_sendkeys(buf, args ..
33150 cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	23 \ ' && echo "crash 1: [OK]" > X_crash1_result.txt' .. "\<cr>")
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	24 call TermWait(buf, 50)
33144 9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	25
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	26 let file = 'crash/poc_huaf2'
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	27 let args = printf(cmn_args, vim, file)
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	28 call term_sendkeys(buf, args ..
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	29 \ ' && echo "crash 2: [OK]" >> X_crash1_result.txt' .. "\<cr>")
33150 cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	30 call TermWait(buf, 50)
33144 9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	31
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	32 let file = 'crash/poc_huaf3'
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	33 let args = printf(cmn_args, vim, file)
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	34 call term_sendkeys(buf, args ..
9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	35 \ ' && echo "crash 3: [OK]" >> X_crash1_result.txt' .. "\<cr>")
33150 cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	36 call TermWait(buf, 100)
33144 9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	37
33150 cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	38 let file = 'crash/bt_quickfix_poc'
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	39 let args = printf(cmn_args, vim, file)
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	40 call term_sendkeys(buf, args ..
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	41 \ ' && echo "crash 4: [OK]" >> X_crash1_result.txt' .. "\<cr>")
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	42 " clean up
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	43 call delete('Xerr')
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	44 " This test takes a bit longer
33165 74fcf8a0846b patch 9.0.1864: still crash with bt_quickfix1_poc Christian Brabandt <cb@256bit.org> parents: 33156 diff changeset	45 call TermWait(buf, 1000)
33144 9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	46
33152 8c9c79b00316 patch 9.0.1858: [security] heap use after free in ins_compl_get_exp() Christian Brabandt <cb@256bit.org> parents: 33150 diff changeset	47 let file = 'crash/poc_tagfunc.vim'
8c9c79b00316 patch 9.0.1858: [security] heap use after free in ins_compl_get_exp() Christian Brabandt <cb@256bit.org> parents: 33150 diff changeset	48 let args = printf(cmn_args, vim, file)
33187 201c54cdde82 patch 9.0.1873: [security] heap-buffer-overflow in vim_regsub_both Christian Brabandt <cb@256bit.org> parents: 33185 diff changeset	49 " using \|\| because this poc causes vim to exit with exitstatus != 0
33152 8c9c79b00316 patch 9.0.1858: [security] heap use after free in ins_compl_get_exp() Christian Brabandt <cb@256bit.org> parents: 33150 diff changeset	50 call term_sendkeys(buf, args ..
8c9c79b00316 patch 9.0.1858: [security] heap use after free in ins_compl_get_exp() Christian Brabandt <cb@256bit.org> parents: 33150 diff changeset	51 \ ' \|\| echo "crash 5: [OK]" >> X_crash1_result.txt' .. "\<cr>")
8c9c79b00316 patch 9.0.1858: [security] heap use after free in ins_compl_get_exp() Christian Brabandt <cb@256bit.org> parents: 33150 diff changeset	52
8c9c79b00316 patch 9.0.1858: [security] heap use after free in ins_compl_get_exp() Christian Brabandt <cb@256bit.org> parents: 33150 diff changeset	53 call TermWait(buf, 100)
8c9c79b00316 patch 9.0.1858: [security] heap use after free in ins_compl_get_exp() Christian Brabandt <cb@256bit.org> parents: 33150 diff changeset	54
33154 faeeed7df688 patch 9.0.1859: heap-use-after-free in bt_normal() Christian Brabandt <cb@256bit.org> parents: 33152 diff changeset	55 let file = 'crash/bt_quickfix1_poc'
faeeed7df688 patch 9.0.1859: heap-use-after-free in bt_normal() Christian Brabandt <cb@256bit.org> parents: 33152 diff changeset	56 let args = printf(cmn_args, vim, file)
faeeed7df688 patch 9.0.1859: heap-use-after-free in bt_normal() Christian Brabandt <cb@256bit.org> parents: 33152 diff changeset	57 call term_sendkeys(buf, args ..
faeeed7df688 patch 9.0.1859: heap-use-after-free in bt_normal() Christian Brabandt <cb@256bit.org> parents: 33152 diff changeset	58 \ ' && echo "crash 6: [OK]" >> X_crash1_result.txt' .. "\<cr>")
faeeed7df688 patch 9.0.1859: heap-use-after-free in bt_normal() Christian Brabandt <cb@256bit.org> parents: 33152 diff changeset	59 " clean up
faeeed7df688 patch 9.0.1859: heap-use-after-free in bt_normal() Christian Brabandt <cb@256bit.org> parents: 33152 diff changeset	60 call delete('X')
33176 8ac10cee18f3 patch 9.0.1868: test_crash still fails for circle ci Christian Brabandt <cb@256bit.org> parents: 33165 diff changeset	61 call TermWait(buf, 3000)
33154 faeeed7df688 patch 9.0.1859: heap-use-after-free in bt_normal() Christian Brabandt <cb@256bit.org> parents: 33152 diff changeset	62
33187 201c54cdde82 patch 9.0.1873: [security] heap-buffer-overflow in vim_regsub_both Christian Brabandt <cb@256bit.org> parents: 33185 diff changeset	63 let file = 'crash/vim_regsub_both_poc'
201c54cdde82 patch 9.0.1873: [security] heap-buffer-overflow in vim_regsub_both Christian Brabandt <cb@256bit.org> parents: 33185 diff changeset	64 let args = printf(cmn_args, vim, file)
201c54cdde82 patch 9.0.1873: [security] heap-buffer-overflow in vim_regsub_both Christian Brabandt <cb@256bit.org> parents: 33185 diff changeset	65 call term_sendkeys(buf, args ..
201c54cdde82 patch 9.0.1873: [security] heap-buffer-overflow in vim_regsub_both Christian Brabandt <cb@256bit.org> parents: 33185 diff changeset	66 \ ' && echo "crash 7: [OK]" >> X_crash1_result.txt' .. "\<cr>")
33199 3395f1cbe3ab patch 9.0.1878: tests running sh have problems Christian Brabandt <cb@256bit.org> parents: 33193 diff changeset	67 call TermWait(buf, 3000)
33187 201c54cdde82 patch 9.0.1873: [security] heap-buffer-overflow in vim_regsub_both Christian Brabandt <cb@256bit.org> parents: 33185 diff changeset	68
33422 25d250a74bb6 patch 9.0.1969: [security] buffer-overflow in trunc_string() Christian Brabandt <cb@256bit.org> parents: 33208 diff changeset	69 let file = 'crash/vim_msg_trunc_poc'
25d250a74bb6 patch 9.0.1969: [security] buffer-overflow in trunc_string() Christian Brabandt <cb@256bit.org> parents: 33208 diff changeset	70 let args = printf(cmn_args, vim, file)
25d250a74bb6 patch 9.0.1969: [security] buffer-overflow in trunc_string() Christian Brabandt <cb@256bit.org> parents: 33208 diff changeset	71 call term_sendkeys(buf, args ..
25d250a74bb6 patch 9.0.1969: [security] buffer-overflow in trunc_string() Christian Brabandt <cb@256bit.org> parents: 33208 diff changeset	72 \ ' \|\| echo "crash 8: [OK]" >> X_crash1_result.txt' .. "\<cr>")
25d250a74bb6 patch 9.0.1969: [security] buffer-overflow in trunc_string() Christian Brabandt <cb@256bit.org> parents: 33208 diff changeset	73 call TermWait(buf, 3000)
25d250a74bb6 patch 9.0.1969: [security] buffer-overflow in trunc_string() Christian Brabandt <cb@256bit.org> parents: 33208 diff changeset	74
33482 39b2e200c4d7 patch 9.0.1992: [security] segfault in exmode Christian Brabandt <cb@256bit.org> parents: 33422 diff changeset	75 let file = 'crash/crash_scrollbar'
39b2e200c4d7 patch 9.0.1992: [security] segfault in exmode Christian Brabandt <cb@256bit.org> parents: 33422 diff changeset	76 let args = printf(cmn_args, vim, file)
39b2e200c4d7 patch 9.0.1992: [security] segfault in exmode Christian Brabandt <cb@256bit.org> parents: 33422 diff changeset	77 call term_sendkeys(buf, args ..
39b2e200c4d7 patch 9.0.1992: [security] segfault in exmode Christian Brabandt <cb@256bit.org> parents: 33422 diff changeset	78 \ ' && echo "crash 9: [OK]" >> X_crash1_result.txt' .. "\<cr>")
39b2e200c4d7 patch 9.0.1992: [security] segfault in exmode Christian Brabandt <cb@256bit.org> parents: 33422 diff changeset	79 call TermWait(buf, 1000)
39b2e200c4d7 patch 9.0.1992: [security] segfault in exmode Christian Brabandt <cb@256bit.org> parents: 33422 diff changeset	80
33523 1947bb095199 patch 9.0.2010: [security] use-after-free from buf_contents_changed() Christian Brabandt <cb@256bit.org> parents: 33482 diff changeset	81 let file = 'crash/editing_arg_idx_POC_1'
1947bb095199 patch 9.0.2010: [security] use-after-free from buf_contents_changed() Christian Brabandt <cb@256bit.org> parents: 33482 diff changeset	82 let args = printf(cmn_args, vim, file)
1947bb095199 patch 9.0.2010: [security] use-after-free from buf_contents_changed() Christian Brabandt <cb@256bit.org> parents: 33482 diff changeset	83 call term_sendkeys(buf, args ..
1947bb095199 patch 9.0.2010: [security] use-after-free from buf_contents_changed() Christian Brabandt <cb@256bit.org> parents: 33482 diff changeset	84 \ ' \|\| echo "crash 10: [OK]" >> X_crash1_result.txt' .. "\<cr>")
1947bb095199 patch 9.0.2010: [security] use-after-free from buf_contents_changed() Christian Brabandt <cb@256bit.org> parents: 33482 diff changeset	85 call TermWait(buf, 1000)
1947bb095199 patch 9.0.2010: [security] use-after-free from buf_contents_changed() Christian Brabandt <cb@256bit.org> parents: 33482 diff changeset	86 call delete('Xerr')
1947bb095199 patch 9.0.2010: [security] use-after-free from buf_contents_changed() Christian Brabandt <cb@256bit.org> parents: 33482 diff changeset	87 call delete('@')
1947bb095199 patch 9.0.2010: [security] use-after-free from buf_contents_changed() Christian Brabandt <cb@256bit.org> parents: 33482 diff changeset	88
33144 9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	89 " clean up
33115 e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	90 exe buf .. "bw!"
e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	91
33144 9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	92 sp X_crash1_result.txt
33150 cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	93
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	94 let expected = [
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	95 \ 'crash 1: [OK]',
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	96 \ 'crash 2: [OK]',
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	97 \ 'crash 3: [OK]',
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	98 \ 'crash 4: [OK]',
33152 8c9c79b00316 patch 9.0.1858: [security] heap use after free in ins_compl_get_exp() Christian Brabandt <cb@256bit.org> parents: 33150 diff changeset	99 \ 'crash 5: [OK]',
33154 faeeed7df688 patch 9.0.1859: heap-use-after-free in bt_normal() Christian Brabandt <cb@256bit.org> parents: 33152 diff changeset	100 \ 'crash 6: [OK]',
33187 201c54cdde82 patch 9.0.1873: [security] heap-buffer-overflow in vim_regsub_both Christian Brabandt <cb@256bit.org> parents: 33185 diff changeset	101 \ 'crash 7: [OK]',
33422 25d250a74bb6 patch 9.0.1969: [security] buffer-overflow in trunc_string() Christian Brabandt <cb@256bit.org> parents: 33208 diff changeset	102 \ 'crash 8: [OK]',
33482 39b2e200c4d7 patch 9.0.1992: [security] segfault in exmode Christian Brabandt <cb@256bit.org> parents: 33422 diff changeset	103 \ 'crash 9: [OK]',
33523 1947bb095199 patch 9.0.2010: [security] use-after-free from buf_contents_changed() Christian Brabandt <cb@256bit.org> parents: 33482 diff changeset	104 \ 'crash 10: [OK]',
33150 cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	105 \ ]
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	106
cdc797578b8b patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Christian Brabandt <cb@256bit.org> parents: 33144 diff changeset	107 call assert_equal(expected, getline(1, '$'))
33144 9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	108 bw!
33115 e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	109
33144 9c34366acd4e patch 9.0.1854: test_crash1() fails on CI Christian Brabandt <cb@256bit.org> parents: 33132 diff changeset	110 call delete('X_crash1_result.txt')
33115 e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	111 endfunc
e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	112
33772 7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	113 func Test_crash1_2()
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	114 CheckNotBSD
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	115 CheckExecutable dash
33879 d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	116 let g:test_is_flaky = 1
33772 7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	117
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	118 " The following used to crash Vim
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	119 let opts = #{cmd: 'sh'}
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	120 let vim = GetVimProg()
33865 8cdb69ea3711 patch 9.0.2143: [security]: buffer-overflow in ex_substitute Christian Brabandt <cb@256bit.org> parents: 33864 diff changeset	121 let result = 'X_crash1_2_result.txt'
33772 7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	122
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	123 let buf = RunVimInTerminal('sh', opts)
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	124
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	125 let file = 'crash/poc1'
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	126 let cmn_args = "%s -u NONE -i NONE -n -e -s -S %s -c ':qa!'"
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	127 let args = printf(cmn_args, vim, file)
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	128 call term_sendkeys(buf, args ..
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	129 \ ' && echo "crash 1: [OK]" > '.. result .. "\<cr>")
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	130 call TermWait(buf, 150)
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	131
33862 242b964d6269 patch 9.0.2140: [security]: use-after-free in win-enter Christian Brabandt <cb@256bit.org> parents: 33772 diff changeset	132 let file = 'crash/poc_win_enter_ext'
242b964d6269 patch 9.0.2140: [security]: use-after-free in win-enter Christian Brabandt <cb@256bit.org> parents: 33772 diff changeset	133 let cmn_args = "%s -u NONE -i NONE -n -e -s -S %s -c ':qa!'"
242b964d6269 patch 9.0.2140: [security]: use-after-free in win-enter Christian Brabandt <cb@256bit.org> parents: 33772 diff changeset	134 let args = printf(cmn_args, vim, file)
242b964d6269 patch 9.0.2140: [security]: use-after-free in win-enter Christian Brabandt <cb@256bit.org> parents: 33772 diff changeset	135 call term_sendkeys(buf, args ..
242b964d6269 patch 9.0.2140: [security]: use-after-free in win-enter Christian Brabandt <cb@256bit.org> parents: 33772 diff changeset	136 \ ' && echo "crash 2: [OK]" >> '.. result .. "\<cr>")
242b964d6269 patch 9.0.2140: [security]: use-after-free in win-enter Christian Brabandt <cb@256bit.org> parents: 33772 diff changeset	137 call TermWait(buf, 350)
242b964d6269 patch 9.0.2140: [security]: use-after-free in win-enter Christian Brabandt <cb@256bit.org> parents: 33772 diff changeset	138
33863 3b8089d550eb patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk Christian Brabandt <cb@256bit.org> parents: 33862 diff changeset	139 let file = 'crash/poc_suggest_trie_walk'
3b8089d550eb patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk Christian Brabandt <cb@256bit.org> parents: 33862 diff changeset	140 let cmn_args = "%s -u NONE -i NONE -n -e -s -S %s -c ':qa!'"
3b8089d550eb patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk Christian Brabandt <cb@256bit.org> parents: 33862 diff changeset	141 let args = printf(cmn_args, vim, file)
3b8089d550eb patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk Christian Brabandt <cb@256bit.org> parents: 33862 diff changeset	142 call term_sendkeys(buf, args ..
3b8089d550eb patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk Christian Brabandt <cb@256bit.org> parents: 33862 diff changeset	143 \ ' && echo "crash 3: [OK]" >> '.. result .. "\<cr>")
3b8089d550eb patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk Christian Brabandt <cb@256bit.org> parents: 33862 diff changeset	144 call TermWait(buf, 150)
3b8089d550eb patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk Christian Brabandt <cb@256bit.org> parents: 33862 diff changeset	145
33864 6e4c686b6b5b patch 9.0.2142: [security]: stack-buffer-overflow in option callback functions Christian Brabandt <cb@256bit.org> parents: 33863 diff changeset	146 let file = 'crash/poc_did_set_langmap'
6e4c686b6b5b patch 9.0.2142: [security]: stack-buffer-overflow in option callback functions Christian Brabandt <cb@256bit.org> parents: 33863 diff changeset	147 let cmn_args = "%s -u NONE -i NONE -n -X -m -n -e -s -S %s -c ':qa!'"
6e4c686b6b5b patch 9.0.2142: [security]: stack-buffer-overflow in option callback functions Christian Brabandt <cb@256bit.org> parents: 33863 diff changeset	148 let args = printf(cmn_args, vim, file)
6e4c686b6b5b patch 9.0.2142: [security]: stack-buffer-overflow in option callback functions Christian Brabandt <cb@256bit.org> parents: 33863 diff changeset	149 call term_sendkeys(buf, args ..
6e4c686b6b5b patch 9.0.2142: [security]: stack-buffer-overflow in option callback functions Christian Brabandt <cb@256bit.org> parents: 33863 diff changeset	150 \ ' ; echo "crash 4: [OK]" >> '.. result .. "\<cr>")
6e4c686b6b5b patch 9.0.2142: [security]: stack-buffer-overflow in option callback functions Christian Brabandt <cb@256bit.org> parents: 33863 diff changeset	151 call TermWait(buf, 150)
6e4c686b6b5b patch 9.0.2142: [security]: stack-buffer-overflow in option callback functions Christian Brabandt <cb@256bit.org> parents: 33863 diff changeset	152
36023 f1fd19e38507 patch 9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft' Christian Brabandt <cb@256bit.org> parents: 35944 diff changeset	153 let file = 'crash/reverse_text_overflow'
f1fd19e38507 patch 9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft' Christian Brabandt <cb@256bit.org> parents: 35944 diff changeset	154 let cmn_args = "%s -u NONE -i NONE -n -X -m -n -e -s -S %s -c ':qa!'"
f1fd19e38507 patch 9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft' Christian Brabandt <cb@256bit.org> parents: 35944 diff changeset	155 let args = printf(cmn_args, vim, file)
f1fd19e38507 patch 9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft' Christian Brabandt <cb@256bit.org> parents: 35944 diff changeset	156 call term_sendkeys(buf, args ..
f1fd19e38507 patch 9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft' Christian Brabandt <cb@256bit.org> parents: 35944 diff changeset	157 \ ' ; echo "crash 5: [OK]" >> '.. result .. "\<cr>")
f1fd19e38507 patch 9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft' Christian Brabandt <cb@256bit.org> parents: 35944 diff changeset	158 call TermWait(buf, 150)
f1fd19e38507 patch 9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft' Christian Brabandt <cb@256bit.org> parents: 35944 diff changeset	159
33772 7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	160 " clean up
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	161 exe buf .. "bw!"
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	162 exe "sp " .. result
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	163 let expected = [
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	164 \ 'crash 1: [OK]',
33862 242b964d6269 patch 9.0.2140: [security]: use-after-free in win-enter Christian Brabandt <cb@256bit.org> parents: 33772 diff changeset	165 \ 'crash 2: [OK]',
33863 3b8089d550eb patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk Christian Brabandt <cb@256bit.org> parents: 33862 diff changeset	166 \ 'crash 3: [OK]',
33864 6e4c686b6b5b patch 9.0.2142: [security]: stack-buffer-overflow in option callback functions Christian Brabandt <cb@256bit.org> parents: 33863 diff changeset	167 \ 'crash 4: [OK]',
36023 f1fd19e38507 patch 9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft' Christian Brabandt <cb@256bit.org> parents: 35944 diff changeset	168 \ 'crash 5: [OK]',
33772 7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	169 \ ]
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	170
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	171 call assert_equal(expected, getline(1, '$'))
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	172 bw!
33879 d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	173 call delete(result)
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	174 endfunc
33772 7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	175
33879 d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	176 " This test just runs various scripts, that caused issues before.
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	177 " We are not really asserting anything here, it's just important
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	178 " that ASAN does not detect any issues.
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	179 func Test_crash1_3()
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	180 let vim = GetVimProg()
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	181 let buf = RunVimInTerminal('sh', #{cmd: 'sh'})
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	182
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	183 let file = 'crash/poc_ex_substitute'
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	184 let cmn_args = "%s -u NONE -i NONE -n -e -s -S %s -c ':qa!'\<cr>"
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	185 let args = printf(cmn_args, vim, file)
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	186 call term_sendkeys(buf, args)
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	187 call TermWait(buf, 150)
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	188
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	189 let file = 'crash/poc_uaf_exec_instructions'
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	190 let cmn_args = "%s -u NONE -i NONE -n -e -s -S %s -c ':qa!'\<cr>"
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	191 let args = printf(cmn_args, vim, file)
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	192 call term_sendkeys(buf, args)
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	193 call TermWait(buf, 150)
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	194
33915 a49ae967e9ed patch 9.0.2158: [security]: use-after-free in check_argument_type Christian Brabandt <cb@256bit.org> parents: 33879 diff changeset	195 let file = 'crash/poc_uaf_check_argument_types'
a49ae967e9ed patch 9.0.2158: [security]: use-after-free in check_argument_type Christian Brabandt <cb@256bit.org> parents: 33879 diff changeset	196 let cmn_args = "%s -u NONE -i NONE -n -e -s -S %s -c ':qa!'\<cr>"
a49ae967e9ed patch 9.0.2158: [security]: use-after-free in check_argument_type Christian Brabandt <cb@256bit.org> parents: 33879 diff changeset	197 let args = printf(cmn_args, vim, file)
a49ae967e9ed patch 9.0.2158: [security]: use-after-free in check_argument_type Christian Brabandt <cb@256bit.org> parents: 33879 diff changeset	198 call term_sendkeys(buf, args)
a49ae967e9ed patch 9.0.2158: [security]: use-after-free in check_argument_type Christian Brabandt <cb@256bit.org> parents: 33879 diff changeset	199 call TermWait(buf, 150)
a49ae967e9ed patch 9.0.2158: [security]: use-after-free in check_argument_type Christian Brabandt <cb@256bit.org> parents: 33879 diff changeset	200
35871 1758bb7a9865 patch 9.1.0647: [security] use-after-free in tagstack_clear_entry Christian Brabandt <cb@256bit.org> parents: 33915 diff changeset	201 let file = 'crash/double_free'
1758bb7a9865 patch 9.1.0647: [security] use-after-free in tagstack_clear_entry Christian Brabandt <cb@256bit.org> parents: 33915 diff changeset	202 let cmn_args = "%s -u NONE -i NONE -n -e -s -S %s -c ':qa!'\<cr>"
1758bb7a9865 patch 9.1.0647: [security] use-after-free in tagstack_clear_entry Christian Brabandt <cb@256bit.org> parents: 33915 diff changeset	203 let args = printf(cmn_args, vim, file)
1758bb7a9865 patch 9.1.0647: [security] use-after-free in tagstack_clear_entry Christian Brabandt <cb@256bit.org> parents: 33915 diff changeset	204 call term_sendkeys(buf, args)
1758bb7a9865 patch 9.1.0647: [security] use-after-free in tagstack_clear_entry Christian Brabandt <cb@256bit.org> parents: 33915 diff changeset	205 call TermWait(buf, 50)
1758bb7a9865 patch 9.1.0647: [security] use-after-free in tagstack_clear_entry Christian Brabandt <cb@256bit.org> parents: 33915 diff changeset	206
35873 3e2f18adac4a patch 9.1.0648: [security] double-free in dialog_changed() Christian Brabandt <cb@256bit.org> parents: 35871 diff changeset	207 let file = 'crash/dialog_changed_uaf'
3e2f18adac4a patch 9.1.0648: [security] double-free in dialog_changed() Christian Brabandt <cb@256bit.org> parents: 35871 diff changeset	208 let cmn_args = "%s -u NONE -i NONE -n -e -s -S %s -c ':qa!'\<cr>"
3e2f18adac4a patch 9.1.0648: [security] double-free in dialog_changed() Christian Brabandt <cb@256bit.org> parents: 35871 diff changeset	209 let args = printf(cmn_args, vim, file)
3e2f18adac4a patch 9.1.0648: [security] double-free in dialog_changed() Christian Brabandt <cb@256bit.org> parents: 35871 diff changeset	210 call term_sendkeys(buf, args)
3e2f18adac4a patch 9.1.0648: [security] double-free in dialog_changed() Christian Brabandt <cb@256bit.org> parents: 35871 diff changeset	211 call TermWait(buf, 150)
3e2f18adac4a patch 9.1.0648: [security] double-free in dialog_changed() Christian Brabandt <cb@256bit.org> parents: 35871 diff changeset	212
35944 e0e4d42f19ad Problem: crash with WinNewPre autocommand Christian Brabandt <cb@256bit.org> parents: 35873 diff changeset	213 let file = 'crash/nullpointer'
e0e4d42f19ad Problem: crash with WinNewPre autocommand Christian Brabandt <cb@256bit.org> parents: 35873 diff changeset	214 let cmn_args = "%s -u NONE -i NONE -n -e -s -S %s -c ':qa!'\<cr>"
e0e4d42f19ad Problem: crash with WinNewPre autocommand Christian Brabandt <cb@256bit.org> parents: 35873 diff changeset	215 let args = printf(cmn_args, vim, file)
e0e4d42f19ad Problem: crash with WinNewPre autocommand Christian Brabandt <cb@256bit.org> parents: 35873 diff changeset	216 call term_sendkeys(buf, args)
e0e4d42f19ad Problem: crash with WinNewPre autocommand Christian Brabandt <cb@256bit.org> parents: 35873 diff changeset	217 call TermWait(buf, 50)
e0e4d42f19ad Problem: crash with WinNewPre autocommand Christian Brabandt <cb@256bit.org> parents: 35873 diff changeset	218
36048 179d2e139736 patch 9.1.0697: [security]: heap-buffer-overflow in ins_typebuf Christian Brabandt <cb@256bit.org> parents: 36043 diff changeset	219 let file = 'crash/heap_overflow3'
179d2e139736 patch 9.1.0697: [security]: heap-buffer-overflow in ins_typebuf Christian Brabandt <cb@256bit.org> parents: 36043 diff changeset	220 let cmn_args = "%s -u NONE -i NONE -n -X -m -n -e -s -S %s -c ':qa!'"
179d2e139736 patch 9.1.0697: [security]: heap-buffer-overflow in ins_typebuf Christian Brabandt <cb@256bit.org> parents: 36043 diff changeset	221 let args = printf(cmn_args, vim, file)
179d2e139736 patch 9.1.0697: [security]: heap-buffer-overflow in ins_typebuf Christian Brabandt <cb@256bit.org> parents: 36043 diff changeset	222 call term_sendkeys(buf, args)
179d2e139736 patch 9.1.0697: [security]: heap-buffer-overflow in ins_typebuf Christian Brabandt <cb@256bit.org> parents: 36043 diff changeset	223 call TermWait(buf, 150)
179d2e139736 patch 9.1.0697: [security]: heap-buffer-overflow in ins_typebuf Christian Brabandt <cb@256bit.org> parents: 36043 diff changeset	224
179d2e139736 patch 9.1.0697: [security]: heap-buffer-overflow in ins_typebuf Christian Brabandt <cb@256bit.org> parents: 36043 diff changeset	225
33879 d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	226 " clean up
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	227 exe buf .. "bw!"
d418c82f02a4 patch 9.0.2149: [security]: use-after-free in exec_instructions() Christian Brabandt <cb@256bit.org> parents: 33865 diff changeset	228 bw!
33772 7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	229 endfunc
7624df087ebf patch 9.0.2106: [security]: Use-after-free in win_close() Christian Brabandt <cb@256bit.org> parents: 33523 diff changeset	230
33132 811555b5ab8b patch 9.0.1848: [security] buffer-overflow in vim_regsub_both() Christian Brabandt <cb@256bit.org> parents: 33115 diff changeset	231 func Test_crash2()
811555b5ab8b patch 9.0.1848: [security] buffer-overflow in vim_regsub_both() Christian Brabandt <cb@256bit.org> parents: 33115 diff changeset	232 " The following used to crash Vim
811555b5ab8b patch 9.0.1848: [security] buffer-overflow in vim_regsub_both() Christian Brabandt <cb@256bit.org> parents: 33115 diff changeset	233 let opts = #{wait_for_ruler: 0, rows: 20}
811555b5ab8b patch 9.0.1848: [security] buffer-overflow in vim_regsub_both() Christian Brabandt <cb@256bit.org> parents: 33115 diff changeset	234 let args = ' -u NONE -i NONE -n -e -s -S '
811555b5ab8b patch 9.0.1848: [security] buffer-overflow in vim_regsub_both() Christian Brabandt <cb@256bit.org> parents: 33115 diff changeset	235 let buf = RunVimInTerminal(args .. ' crash/vim_regsub_both', opts)
811555b5ab8b patch 9.0.1848: [security] buffer-overflow in vim_regsub_both() Christian Brabandt <cb@256bit.org> parents: 33115 diff changeset	236 call VerifyScreenDump(buf, 'Test_crash_01', {})
811555b5ab8b patch 9.0.1848: [security] buffer-overflow in vim_regsub_both() Christian Brabandt <cb@256bit.org> parents: 33115 diff changeset	237 exe buf .. "bw!"
811555b5ab8b patch 9.0.1848: [security] buffer-overflow in vim_regsub_both() Christian Brabandt <cb@256bit.org> parents: 33115 diff changeset	238 endfunc
811555b5ab8b patch 9.0.1848: [security] buffer-overflow in vim_regsub_both() Christian Brabandt <cb@256bit.org> parents: 33115 diff changeset	239
36043 23090f17734a patch 9.1.0695: tests: test_crash leaves Untitled file around Christian Brabandt <cb@256bit.org> parents: 36023 diff changeset	240 func Test_zz_cleanup()
23090f17734a patch 9.1.0695: tests: test_crash leaves Untitled file around Christian Brabandt <cb@256bit.org> parents: 36023 diff changeset	241 " That file is created at Test_crash1_2() by dialog_changed_uaf
23090f17734a patch 9.1.0695: tests: test_crash leaves Untitled file around Christian Brabandt <cb@256bit.org> parents: 36023 diff changeset	242 " but cleanup in that Test, doesn't remove it. Let's try again at
23090f17734a patch 9.1.0695: tests: test_crash leaves Untitled file around Christian Brabandt <cb@256bit.org> parents: 36023 diff changeset	243 " the end of this test script
23090f17734a patch 9.1.0695: tests: test_crash leaves Untitled file around Christian Brabandt <cb@256bit.org> parents: 36023 diff changeset	244 call delete('Untitled')
23090f17734a patch 9.1.0695: tests: test_crash leaves Untitled file around Christian Brabandt <cb@256bit.org> parents: 36023 diff changeset	245 endfunc
23090f17734a patch 9.1.0695: tests: test_crash leaves Untitled file around Christian Brabandt <cb@256bit.org> parents: 36023 diff changeset	246
33115 e64f3ab1a8b9 patch 9.0.1840: [security] use-after-free in do_ecmd Christian Brabandt <cb@256bit.org> parents: diff changeset	247 " vim: shiftwidth=2 sts=2 expandtab

Mercurial > vim

annotate src/testdir/test_crash.vim @ 36048:179d2e139736 v9.1.0697