Mercurial > vim

changeset 25421:c094a29722bb v8.2.3247

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 8.2.3247: using uninitialized memory when checking for crypt method Commit: https://github.com/vim/vim/commit/77ab4e28a26a92628bc85cd580c1bfa2b6230be6 Author: Bram Moolenaar <Bram@vim.org> Date: Thu Jul 29 21:23:50 2021 +0200 patch 8.2.3247: using uninitialized memory when checking for crypt method Problem: Using uninitialized memory when checking for crypt method. Solution: Check the header length before using the salt and seed.
author Bram Moolenaar <Bram@vim.org>
date Thu, 29 Jul 2021 21:30:04 +0200
parents b0a6cb69b794
children 7fde4d54b8b7
files src/fileio.c src/version.c
diffstat 2 files changed, 8 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/src/fileio.c
+++ b/src/fileio.c
@@ -2917,15 +2917,16 @@ check_for_cryptkey(
 	{
 	    int header_len;
 
-	    curbuf->b_cryptstate = crypt_create_from_header(
-						       method, cryptkey, ptr);
-	    crypt_set_cm_option(curbuf, method);
-
-	    // Remove cryptmethod specific header from the text.
 	    header_len = crypt_get_header_len(method);
 	    if (*sizep <= header_len)
 		// invalid header, buffer can't be encrypted
 		return NULL;
+
+	    curbuf->b_cryptstate = crypt_create_from_header(
+							method, cryptkey, ptr);
+	    crypt_set_cm_option(curbuf, method);
+
+	    // Remove cryptmethod specific header from the text.
 	    *filesizep += header_len;
 	    *sizep -= header_len;
 	    mch_memmove(ptr, ptr + header_len, (size_t)*sizep);
--- a/src/version.c
+++ b/src/version.c
@@ -756,6 +756,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    3247,
+/**/
     3246,
 /**/
     3245,