Mercurial > vim
view src/testdir/test23.ok @ 33863:3b8089d550eb v9.0.2141
patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk
Commit: https://github.com/vim/vim/commit/0fb375aae608d7306b4baf9c1f906961f32e2abf
Author: Christian Brabandt <cb@256bit.org>
Date: Wed Nov 29 10:23:39 2023 +0100
patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk
Problem: [security]: buffer-overflow in suggest_trie_walk
Solution: Check n before using it as index into byts array
Basically, n as an index into the byts array, can point to beyond the byts
array. So let's double check, that n is within the expected range after
incrementing it from sp->ts_curi and bail out if it would be invalid.
Reported by @henices, thanks!
Signed-off-by: Christian Brabandt <cb@256bit.org>
author | Christian Brabandt <cb@256bit.org> |
---|---|
date | Sun, 10 Dec 2023 15:16:03 +0100 |
parents | 30bdd2e4a6f9 |
children |
line wrap: on
line source
start test text test text test text test text test text test text test text test text test text test text test text test text test text test text x61 test text test text x60-x64 test text test text x78 5 test text test text o143 test text test text o140-o144 test text test text o41 7 test text test text \%x42 test text test text \%o103 test text test text [\x00] test text test text [\x00-\x10] test text test text [\x-z] test text test text [\u-z] xx xx a xx aaaaa xx a xx aaaaa xx a xx Aaa xx xx Aaaa xx xx Aaa xx xx foobar xA xx xx an A xx XX 9; YY 77; xyz bcd BB