vim: src/errors.h comparison

comparison src/errors.h @ 33660:ca0229869b38 v9.0.2068

patch 9.0.2068: [security] overflow in :history Commit: https://github.com/vim/vim/commit/9198c1f2b1ddecde22af918541e0de2a32f0f45a Author: Christian Brabandt <cb@256bit.org> Date: Thu Oct 26 21:29:32 2023 +0200 patch 9.0.2068: [security] overflow in :history Problem: [security] overflow in :history Solution: Check that value fits into int The get_list_range() function, used to parse numbers for the :history and :clist command internally uses long variables to store the numbers. However function arguments are integer pointers, which can then overflow. Check that the return value from the vim_str2nr() function is not larger than INT_MAX and if yes, bail out with an error. I guess nobody uses a cmdline/clist history that needs so many entries... (famous last words). It is only a moderate vulnerability, so impact should be low. Github Advisory: https://github.com/vim/vim/security/advisories/GHSA-q22m-h7m2-9mgm Signed-off-by: Christian Brabandt <cb@256bit.org>

author	Christian Brabandt <cb@256bit.org>
date	Thu, 26 Oct 2023 21:45:05 +0200
parents	41c64cb748c1
children	7d9d2404a3d4

comparison

equal deleted inserted replaced

-:867fa40377c1
+:ca0229869b38
 	INIT(= "E1507: Internal error: ap_types or ap_types[idx] is NULL: %d: %s");
 EXTERN char e_xattr_e2big[]
 	INIT(= N_("E1508: Size of the extended attribute value is larger than the maximum size allowed"));
 EXTERN char e_xattr_other[]
 	INIT(= N_("E1509: Error occurred when reading or writing extended attribute"));
+EXTERN char e_val_too_large[]
+	INIT(= N_("E1510: Value too large: %s"));

Mercurial > vim

comparison src/errors.h @ 33660:ca0229869b38 v9.0.2068