Mercurial > vim
changeset 25421:c094a29722bb v8.2.3247
patch 8.2.3247: using uninitialized memory when checking for crypt method
Commit: https://github.com/vim/vim/commit/77ab4e28a26a92628bc85cd580c1bfa2b6230be6
Author: Bram Moolenaar <Bram@vim.org>
Date: Thu Jul 29 21:23:50 2021 +0200
patch 8.2.3247: using uninitialized memory when checking for crypt method
Problem: Using uninitialized memory when checking for crypt method.
Solution: Check the header length before using the salt and seed.
author | Bram Moolenaar <Bram@vim.org> |
---|---|
date | Thu, 29 Jul 2021 21:30:04 +0200 |
parents | b0a6cb69b794 |
children | 7fde4d54b8b7 |
files | src/fileio.c src/version.c |
diffstat | 2 files changed, 8 insertions(+), 5 deletions(-) [+] |
line wrap: on
line diff
--- a/src/fileio.c +++ b/src/fileio.c @@ -2917,15 +2917,16 @@ check_for_cryptkey( { int header_len; - curbuf->b_cryptstate = crypt_create_from_header( - method, cryptkey, ptr); - crypt_set_cm_option(curbuf, method); - - // Remove cryptmethod specific header from the text. header_len = crypt_get_header_len(method); if (*sizep <= header_len) // invalid header, buffer can't be encrypted return NULL; + + curbuf->b_cryptstate = crypt_create_from_header( + method, cryptkey, ptr); + crypt_set_cm_option(curbuf, method); + + // Remove cryptmethod specific header from the text. *filesizep += header_len; *sizep -= header_len; mch_memmove(ptr, ptr + header_len, (size_t)*sizep);