Mercurial > vim

view src/testdir/test77a.in @ 33863:3b8089d550eb v9.0.2141

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk Commit: https://github.com/vim/vim/commit/0fb375aae608d7306b4baf9c1f906961f32e2abf Author: Christian Brabandt <cb@256bit.org> Date: Wed Nov 29 10:23:39 2023 +0100 patch 9.0.2141: [security]: buffer-overflow in suggest_trie_walk Problem: [security]: buffer-overflow in suggest_trie_walk Solution: Check n before using it as index into byts array Basically, n as an index into the byts array, can point to beyond the byts array. So let's double check, that n is within the expected range after incrementing it from sp->ts_curi and bail out if it would be invalid. Reported by @henices, thanks! Signed-off-by: Christian Brabandt <cb@256bit.org>
author Christian Brabandt <cb@256bit.org>
date Sun, 10 Dec 2023 15:16:03 +0100
parents e705ea6e855b
children
line wrap: on
line source

Inserts 2 million lines with consecutive integers starting from 1
(essentially, the output of GNU's seq 1 2000000), writes them to Xtest
and writes its cksum to test.out.

We need 2 million lines to trigger a call to mf_hash_grow().  If it would mess
up the lines the checksum would differ.

cksum is part of POSIX and so should be available on most Unixes.
If it isn't available then the test will be skipped.

VMS does not have CKSUM but has a built in CHECKSUM - it should be used
STARTTEST
:silent! while 0
:  e! test.ok
:  w! test.out
:  qa!
:silent! endwhile
:if !has("vms")
: e! test.ok
: w! test.out
: qa!
:endif
:set fileformat=unix undolevels=-1
ggdG
:let i = 1
:while i <= 2000000 | call append(i, range(i, i + 99)) | let i += 100 | endwhile
ggdd
:w! Xtest.
:r !@test77a.com Xtest.
:s/\s/ /g
:set fileformat&
:.w! test.out
:qa!
ENDTEST