patch 9.0.2068: [security] overflow in :history Commit: https://github.com/vim/vim/commit/9198c1f2b1ddecde22af918541e0de2a32f0f45a Author: Christian Brabandt <cb@256bit.org> Date: Thu Oct 26 21:29:32 2023 +0200 patch 9.0.2068: [security] overflow in :history Problem: [security] overflow in :history Solution: Check that value fits into int The get_list_range() function, used to parse numbers for the :history and :clist command internally uses long variables to store the numbers. However function arguments are integer pointers, which can then overflow. Check that the return value from the vim_str2nr() function is not larger than INT_MAX and if yes, bail out with an error. I guess nobody uses a cmdline/clist history that needs so many entries... (famous last words). It is only a moderate vulnerability, so impact should be low. Github Advisory: https://github.com/vim/vim/security/advisories/GHSA-q22m-h7m2-9mgm Signed-off-by: Christian Brabandt <cb@256bit.org>

version: "{build}"

image: Visual Studio 2015

skip_tags: true

environment:
  matrix:
    - FEATURE: HUGE
  
    # Alternate environments, not used right now.  2022 is a lot slower.
    #
    # - job_name: VS-2015
    #   appveyor_build_worker_image: Visual Studio 2015
    #   FEATURE: HUGE

    # - job_name: VS-2017
    #   appveyor_build_worker_image: Visual Studio 2017
    #   FEATURE: HUGE

    # - job_name: VS-2019
    #   appveyor_build_worker_image: Visual Studio 2019
    #   FEATURE: HUGE

    # - job_name: VS-2022
    #   appveyor_build_worker_image: Visual Studio 2022
    #   FEATURE: HUGE

# disabled
#    - FEATURE: TINY
#    - FEATURE: NORMAL

matrix:
  fast_finish: true

before_build:
  - call ver
  - ci\appveyor.bat install

build_script:
  - ci\appveyor.bat build

test_script:
  - ci\appveyor.bat test

artifacts:
  - path: src/vim.exe
    name: vim
  - path: src/gvim.exe
    name: gvim

# vim: sw=2 sts=2 et ts=8 sr