view runtime/syntax/rtf.vim @ 33865:8cdb69ea3711 v9.0.2143

patch 9.0.2143: [security]: buffer-overflow in ex_substitute Commit: https://github.com/vim/vim/commit/abfa13ebe92d81aaf66669c428d767847b577453 Author: Christian Brabandt <cb@256bit.org> Date: Thu Nov 30 11:32:18 2023 +0100 patch 9.0.2143: [security]: buffer-overflow in ex_substitute Problem: [security]: buffer-overflow in ex_substitute Solution: clear memory after allocating When allocating the new_start pointer in ex_substitute() the memory pointer points to some garbage that the following for loop in ex_cmds.c:4743 confuses and causes it to accessing the new_start pointer beyond it's size, leading to a buffer-overlow. So fix this by using alloc_clear() instead of alloc(), which will clear the memory by NUL and therefore cause the loop to terminate correctly. Reported by @henices, thanks! closes: #13596 Signed-off-by: Christian Brabandt <cb@256bit.org>
author Christian Brabandt <cb@256bit.org>
date Sun, 10 Dec 2023 15:16:05 +0100
parents 5b7ea82bc18f
children
line wrap: on
line source

" Vim syntax file
" Language:	Rich Text Format
"		"*.rtf" files
"
" The Rich Text Format (RTF) Specification is a method of encoding formatted
" text and graphics for easy transfer between applications.
" .hlp (windows help files) use compiled rtf files
" rtf documentation at http://night.primate.wisc.edu/software/RTF/
"
" Maintainer:	Dominique Stéphan (dominique@mggen.com)
" URL: http://www.mggen.com/vim/syntax/rtf.zip
" Last change:	2001 Mai 02

" TODO: render underline, italic, bold

" quit when a syntax file was already loaded
if exists("b:current_syntax")
  finish
endif

" case on (all controls must be lower case)
syn case match

" Control Words
syn match rtfControlWord	"\\[a-z]\+[\-]\=[0-9]*"

" New Control Words (not in the 1987 specifications)
syn match rtfNewControlWord	"\\\*\\[a-z]\+[\-]\=[0-9]*"

" Control Symbol : any \ plus a non alpha symbol, *, \, { and } and '
syn match rtfControlSymbol	"\\[^a-zA-Z\*\{\}\\']"

" { } and \ are special characters, to use them
" we add a backslash \
syn match rtfCharacter		"\\\\"
syn match rtfCharacter		"\\{"
syn match rtfCharacter		"\\}"
" Escaped characters (for 8 bytes characters upper than 127)
syn match rtfCharacter		"\\'[A-Za-z0-9][A-Za-z0-9]"
" Unicode
syn match rtfUnicodeCharacter	"\\u[0-9][0-9]*"

" Color values, we will put this value in Red, Green or Blue
syn match rtfRed		"\\red[0-9][0-9]*"
syn match rtfGreen		"\\green[0-9][0-9]*"
syn match rtfBlue		"\\blue[0-9][0-9]*"

" Some stuff for help files
syn match rtfFootNote "[#$K+]{\\footnote.*}" contains=rtfControlWord,rtfNewControlWord

" Define the default highlighting.
" Only when an item doesn't have highlighting yet


hi def link rtfControlWord		Statement
hi def link rtfNewControlWord	Special
hi def link rtfControlSymbol	Constant
hi def link rtfCharacter		Character
hi def link rtfUnicodeCharacter	SpecialChar
hi def link rtfFootNote		Comment

" Define colors for the syntax file
hi rtfRed	      term=underline cterm=underline ctermfg=DarkRed gui=underline guifg=DarkRed
hi rtfGreen	      term=underline cterm=underline ctermfg=DarkGreen gui=underline guifg=DarkGreen
hi rtfBlue	      term=underline cterm=underline ctermfg=DarkBlue gui=underline guifg=DarkBlue

hi def link rtfRed	rtfRed
hi def link rtfGreen	rtfGreen
hi def link rtfBlue	rtfBlue



let b:current_syntax = "rtf"

" vim:ts=8