Mercurial > vim

view runtime/syntax/hb.vim @ 33865:8cdb69ea3711 v9.0.2143

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 9.0.2143: [security]: buffer-overflow in ex_substitute Commit: https://github.com/vim/vim/commit/abfa13ebe92d81aaf66669c428d767847b577453 Author: Christian Brabandt <cb@256bit.org> Date: Thu Nov 30 11:32:18 2023 +0100 patch 9.0.2143: [security]: buffer-overflow in ex_substitute Problem: [security]: buffer-overflow in ex_substitute Solution: clear memory after allocating When allocating the new_start pointer in ex_substitute() the memory pointer points to some garbage that the following for loop in ex_cmds.c:4743 confuses and causes it to accessing the new_start pointer beyond it's size, leading to a buffer-overlow. So fix this by using alloc_clear() instead of alloc(), which will clear the memory by NUL and therefore cause the loop to terminate correctly. Reported by @henices, thanks! closes: #13596 Signed-off-by: Christian Brabandt <cb@256bit.org>
author Christian Brabandt <cb@256bit.org>
date Sun, 10 Dec 2023 15:16:05 +0100
parents 46763b01cd9a
children
line wrap: on
line source

" Vim syntax file
" Language:	Hyper Builder
" Maintainer:	Alejandro Forero Cuervo
" URL:		http://bachue.com/hb/vim/syntax/hb.vim
" Last Change:	2012 Jan 08 by Thilo Six

" quit when a syntax file was already loaded
if exists("b:current_syntax")
  finish
endif

let s:cpo_save = &cpo
set cpo&vim

" Read the HTML syntax to start with
"syn include @HTMLStuff <sfile>:p:h/htmlhb.vim

"this would be nice but we are supposed not to do it
"set mps=<:>

"syn region  HBhtmlString contained start=+"+ end=+"+ contains=htmlSpecialChar
"syn region  HBhtmlString contained start=+'+ end=+'+ contains=htmlSpecialChar

"syn match   htmlValue    contained "=[\t ]*[^'" \t>][^ \t>]*"

syn match   htmlSpecialChar "&[^;]*;" contained

syn match   HBhtmlTagSk  contained "[A-Za-z]*"

syn match   HBhtmlTagS   contained "<\s*\(hb\s*\.\s*\(sec\|min\|hour\|day\|mon\|year\|input\|html\|time\|getcookie\|streql\|url-enc\)\|wall\s*\.\s*\(show\|info\|id\|new\|rm\|count\)\|auth\s*\.\s*\(chk\|add\|find\|user\)\|math\s*\.\s*exp\)\s*\([^.A-Za-z0-9]\|$\)" contains=HBhtmlTagSk transparent

syn match   HBhtmlTagN   contained "[A-Za-z0-9\/\-]\+"

syn match   HBhtmlTagB   contained "<\s*[A-Za-z0-9\/\-]\+\(\s*\.\s*[A-Za-z0-9\/\-]\+\)*" contains=HBhtmlTagS,HBhtmlTagN

syn region  HBhtmlTag contained start=+<+ end=+>+ contains=HBhtmlTagB,HBDirectiveError

syn match HBFileName ".*" contained

syn match HBDirectiveKeyword	":\s*\(include\|lib\|set\|out\)\s\+" contained

syn match HBDirectiveError	"^:.*$" contained

"syn match HBDirectiveBlockEnd "^:\s*$" contained

"syn match HBDirectiveOutHead "^:\s*out\s\+\S\+.*" contained contains=HBDirectiveKeyword,HBFileName

"syn match HBDirectiveSetHead "^:\s*set\s\+\S\+.*" contained contains=HBDirectiveKeyword,HBFileName

syn match HBInvalidLine "^.*$"

syn match HBDirectiveInclude "^:\s*include\s\+\S\+.*$" contains=HBFileName,HBDirectiveKeyword

syn match HBDirectiveLib "^:\s*lib\s\+\S\+.*$" contains=HBFileName,HBDirectiveKeyword

syn region HBText matchgroup=HBDirectiveKeyword start=/^:\(set\|out\)\s*\S\+.*$/ end=/^:\s*$/ contains=HBDirectiveError,htmlSpecialChar,HBhtmlTag keepend

"syn match HBLine "^:.*$" contains=HBDirectiveInclude,HBDirectiveLib,HBDirectiveError,HBDirectiveSet,HBDirectiveOut

syn match HBComment "^#.*$"

" Define the default highlighting.
" Only when an item doesn't have highlighting yet

hi def link HBhtmlString			 String
hi def link HBhtmlTagN			 Function
hi def link htmlSpecialChar		 String

hi def link HBInvalidLine Error
hi def link HBFoobar Comment
hi HBFileName guibg=lightgray guifg=black
hi def link HBDirectiveError Error
hi def link HBDirectiveBlockEnd HBDirectiveKeyword
hi HBDirectiveKeyword guibg=lightgray guifg=darkgreen
hi def link HBComment Comment
hi def link HBhtmlTagSk Statement


syn sync match Normal grouphere NONE "^:\s*$"
syn sync match Normal grouphere NONE "^:\s*lib\s\+[^ \t]\+$"
syn sync match Normal grouphere NONE "^:\s*include\s\+[^ \t]\+$"
"syn sync match Block  grouphere HBDirectiveSet "^#:\s*set\s\+[^ \t]\+"
"syn sync match Block  grouphere HBDirectiveOut "^#:\s*out\s\+[^ \t]\+"

let b:current_syntax = "hb"

let &cpo = s:cpo_save
unlet s:cpo_save
" vim: ts=8