patch 9.0.2112: [security]: overflow in shift_line Commit: https://github.com/vim/vim/commit/6bf131888a3d1de62bbfa8a7ea03c0ddccfd496e Author: Christian Brabandt <cb@256bit.org> Date: Tue Nov 14 22:42:59 2023 +0100 patch 9.0.2112: [security]: overflow in shift_line Problem: [security]: overflow in shift_line Solution: allow a max indent of INT_MAX [security]: overflow in shift_line When shifting lines in operator pending mode and using a very large value, we may overflow the size of integer. Fix this by using a long variable, testing if the result would be larger than INT_MAX and if so, indent by INT_MAX value. Special case: We cannot use long here, since on 32bit architectures (or on Windows?), it typically cannot take larger values than a plain int, so we have to use long long count, decide whether the resulting multiplication of the shiftwidth value * amount is larger than INT_MAX and if so, we will store INT_MAX as possible larges value in the long long count variable. Then we can safely cast it back to int when calling the functions to set the indent (set_indent() or change_indent()). So this should be safe. Add a test that when using a huge value in operator pending mode for shifting, we will shift by INT_MAX closes: #13535 Signed-off-by: Christian Brabandt <cb@256bit.org>

#!/bin/bash
set -e

apt-get install -y xvfb

cat <<EOT >/etc/systemd/system/xvfb.service
[Unit]
Description=X Virtual Frame Buffer Service
After=network.target
[Service]
ExecStart=/usr/bin/Xvfb :99 -screen 0 1024x768x24
[Install]
WantedBy=multi-user.target
EOT

systemctl enable xvfb.service
systemctl start xvfb.service