patch 9.0.2112: [security]: overflow in shift_line Commit: https://github.com/vim/vim/commit/6bf131888a3d1de62bbfa8a7ea03c0ddccfd496e Author: Christian Brabandt <cb@256bit.org> Date: Tue Nov 14 22:42:59 2023 +0100 patch 9.0.2112: [security]: overflow in shift_line Problem: [security]: overflow in shift_line Solution: allow a max indent of INT_MAX [security]: overflow in shift_line When shifting lines in operator pending mode and using a very large value, we may overflow the size of integer. Fix this by using a long variable, testing if the result would be larger than INT_MAX and if so, indent by INT_MAX value. Special case: We cannot use long here, since on 32bit architectures (or on Windows?), it typically cannot take larger values than a plain int, so we have to use long long count, decide whether the resulting multiplication of the shiftwidth value * amount is larger than INT_MAX and if so, we will store INT_MAX as possible larges value in the long long count variable. Then we can safely cast it back to int when calling the functions to set the indent (set_indent() or change_indent()). So this should be safe. Add a test that when using a huge value in operator pending mode for shifting, we will shift by INT_MAX closes: #13535 Signed-off-by: Christian Brabandt <cb@256bit.org>

README_srcdos.txt for version 9.0 of Vim: Vi IMproved.

See "README.txt" for general information about Vim.
See "README_dos.txt" for installation instructions for MS-Windows.
These files are in the runtime archive (vim90rt.zip).


The DOS source archive contains the files needed to compile Vim on MS-Windows.
It is packed for MS-Windows systems, with CR-LF.

See "src/INSTALLpc.txt" for instructions on how to compile Vim on the PC.