diff options
Diffstat (limited to 'patches/source/vim/CVE-2022-2819.patch')
-rw-r--r-- | patches/source/vim/CVE-2022-2819.patch | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/patches/source/vim/CVE-2022-2819.patch b/patches/source/vim/CVE-2022-2819.patch new file mode 100644 index 000000000..59c25d8c3 --- /dev/null +++ b/patches/source/vim/CVE-2022-2819.patch @@ -0,0 +1,40 @@ +From d1d8f6bacb489036d0fd479c9dd3c0102c988889 Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar <Bram@vim.org> +Date: Sun, 14 Aug 2022 21:28:32 +0100 +Subject: [PATCH] patch 9.0.0211: invalid memory access when compiling :lockvar + +Problem: Invalid memory access when compiling :lockvar. +Solution: Don't read past the end of the line. +--- + +diff --git a/src/vim9cmds.c b/src/vim9cmds.c +index ad32c32ff7cb..35a382138bf3 100644 +--- a/src/vim9cmds.c ++++ b/src/vim9cmds.c +@@ -188,10 +188,17 @@ compile_lock_unlock( + size_t len; + char_u *buf; + isntype_T isn = ISN_EXEC; ++ char *cmd = eap->cmdidx == CMD_lockvar ? "lockvar" : "unlockvar"; + + if (cctx->ctx_skip == SKIP_YES) + return OK; + ++ if (*p == NUL) ++ { ++ semsg(_(e_argument_required_for_str), cmd); ++ return FAIL; ++ } ++ + // Cannot use :lockvar and :unlockvar on local variables. + if (p[1] != ':') + { +@@ -223,8 +230,6 @@ compile_lock_unlock( + ret = FAIL; + else + { +- char *cmd = eap->cmdidx == CMD_lockvar ? "lockvar" : "unlockvar"; +- + if (deep < 0) + vim_snprintf((char *)buf, len, "%s! %s", cmd, p); + else |