Mercurial > vim

changeset 36075:f81b0f00ed22 v9.1.0707

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 9.1.0707: [security]: invalid cursor position may cause a crash Commit: https://github.com/vim/vim/commit/396fd1ec2956307755392a1c61f55d5c1847f308 Author: Christian Brabandt <cb@256bit.org> Date: Sat Aug 31 17:58:16 2024 +0200 patch 9.1.0707: [security]: invalid cursor position may cause a crash Problem: [security]: invalid cursor position may cause a crash (after v9.1.0038) Solution: Set cursor to the last character in a line, if it would otherwise point to beyond the line; no tests added, as it is unclear how to reproduce this. Github Advisory: https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh Co-authored-by: zeertzjq <zeertzjq@outlook.com> Signed-off-by: zeertzjq <zeertzjq@outlook.com> Signed-off-by: Christian Brabandt <cb@256bit.org>
author Christian Brabandt <cb@256bit.org>
date Sat, 31 Aug 2024 18:15:02 +0200
parents 51799727f341
children a45df88ff91f
files src/charset.c src/version.c
diffstat 2 files changed, 5 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/src/charset.c
+++ b/src/charset.c
@@ -1678,6 +1678,9 @@ getvcol(
     }
     clear_chartabsize_arg(&cts);
 
+    if (*ptr == NUL && pos->col < MAXCOL && pos->col > ptr - line)
+	pos->col = ptr - line;
+
     if (start != NULL)
 	*start = vcol + head;
     if (end != NULL)
--- a/src/version.c
+++ b/src/version.c
@@ -705,6 +705,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    707,
+/**/
     706,
 /**/
     705,