Mercurial > vim
view runtime/lang/README.txt @ 33865:8cdb69ea3711 v9.0.2143
patch 9.0.2143: [security]: buffer-overflow in ex_substitute
Commit: https://github.com/vim/vim/commit/abfa13ebe92d81aaf66669c428d767847b577453
Author: Christian Brabandt <cb@256bit.org>
Date: Thu Nov 30 11:32:18 2023 +0100
patch 9.0.2143: [security]: buffer-overflow in ex_substitute
Problem: [security]: buffer-overflow in ex_substitute
Solution: clear memory after allocating
When allocating the new_start pointer in ex_substitute() the memory
pointer points to some garbage that the following for loop in
ex_cmds.c:4743 confuses and causes it to accessing the new_start pointer
beyond it's size, leading to a buffer-overlow.
So fix this by using alloc_clear() instead of alloc(), which will
clear the memory by NUL and therefore cause the loop to terminate
correctly.
Reported by @henices, thanks!
closes: #13596
Signed-off-by: Christian Brabandt <cb@256bit.org>
author | Christian Brabandt <cb@256bit.org> |
---|---|
date | Sun, 10 Dec 2023 15:16:05 +0100 |
parents | 0fdf36de4018 |
children |
line wrap: on
line source
Language files for Vim: Translated menus The contents of each menu file is a sequence of lines with "menutrans" commands. Read one of the existing files to get an idea of how this works. More information in the on-line help: :help multilang-menus :help :menutrans :help 'langmenu' :help :language You can find a couple of helper tools for translating menus on github: https://github.com/adaext/vim-menutrans-helper The "$VIMRUNTIME/menu.vim" file will search for a menu translation file. This depends on the value of the "v:lang" variable. "menu_" . v:lang . ".vim" When the 'menutrans' option is set, its value will be used instead of v:lang. The file name is always lower case. It is the full name as the ":language" command shows (the LC_MESSAGES value). For example, to use the Big5 (Taiwan) menus on MS-Windows the $LANG will be Chinese(Taiwan)_Taiwan.950 and use the menu translation file: $VIMRUNTIME/lang/menu_chinese(taiwan)_taiwan.950.vim On Unix you should set $LANG, depending on your shell: csh/tcsh: setenv LANG "zh_TW.Big5" sh/bash/ksh: export LANG="zh_TW.Big5" and the menu translation file is: $VIMRUNTIME/lang/menu_zh_tw.big5.vim The menu translation file should set the "did_menu_trans" variable so that Vim will not load another file. AUTOMATIC CONVERSION When Vim was compiled with multi-byte support, conversion between latin1 and UTF-8 will always be possible. Other conversions depend on the iconv library, which is not always available. For UTF-8 menu files which only use latin1 characters, you can rely on Vim doing the conversion. Let the UTF-8 menu file source the latin1 menu file, and put "scriptencoding latin1" in that one. Other conversions may not always be available (e.g., between iso-8859-# and MS-Windows codepages), thus the converted menu file must be available.