packages/vim
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!349 [sync] PR-347: fix CVE-2022-2845

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @lvying6 
Signed-off-by: @lvying6
This commit is contained in:
openeuler-ci-bot 2022-08-19 04:15:37 +00:00 committed by Gitee
commit 4961ba6d55
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 69 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
backport-CVE-2022-2845.patch Normal file
View File

@ -0,0 +1,61 @@
From e98c88c44c308edaea5994b8ad4363e65030968c Mon Sep 17 00:00:00 2001
From: Bram Moolenaar <Bram@vim.org>
Date: Tue, 16 Aug 2022 14:51:53 +0100
Subject: [PATCH] patch 9.0.0218: reading before the start of the line
Problem: Reading before the start of the line.
Solution: When displaying "$" check the column is not negative.
---
src/edit.c | 3 ++-
src/proto/edit.pro | 2 +-
src/testdir/test_cmdline.vim | 8 ++++++++
3 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/src/edit.c b/src/edit.c
index bc0b7dc..a20fd3d 100644
--- a/src/edit.c
+++ b/src/edit.c
@@ -1769,8 +1769,9 @@ edit_unputchar(void)
* Only works when cursor is in the line that changes.
*/
void
-display_dollar(colnr_T col)
+display_dollar(colnr_T col_arg)
{
+ colnr_T col = col_arg < 0 ? 0 : col_arg;
colnr_T save_col;
if (!redrawing())
diff --git a/src/proto/edit.pro b/src/proto/edit.pro
index 49b9f4c..d0d3b17 100644
--- a/src/proto/edit.pro
+++ b/src/proto/edit.pro
@@ -7,7 +7,7 @@ void edit_putchar(int c, int highlight);
char_u *prompt_text(void);
int prompt_curpos_editable(void);
void edit_unputchar(void);
-void display_dollar(colnr_T col);
+void display_dollar(colnr_T col_arg);
void undisplay_dollar(void);
void truncate_spaces(char_u *line);
void backspace_until_column(int col);
diff --git a/src/testdir/test_cmdline.vim b/src/testdir/test_cmdline.vim
index 735b0a5..33808d7 100644
--- a/src/testdir/test_cmdline.vim
+++ b/src/testdir/test_cmdline.vim
@@ -935,4 +935,12 @@ func Test_long_error_message()
silent! norm Q00000000000000     000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000                                                                                                                                                                                                                        
endfunc
+func Test_cmdwin_virtual_edit()
+ enew!
+ set ve=all cpo+=$
+ silent normal q/s
+
+ set ve= cpo-=$
+endfunc
+
" vim: shiftwidth=2 sts=2 expandtab
--
2.33.0

9
vim.spec
View File

@ -12,7 +12,7 @@
Name: vim Name: vim
Epoch: 2 Epoch: 2
Version: 8.2 Version: 8.2
Release: 58 Release: 59
Summary: Vim is a highly configurable text editor for efficiently creating and changing any kind of text. Summary: Vim is a highly configurable text editor for efficiently creating and changing any kind of text.
License: Vim and MIT License: Vim and MIT
URL: http://www.vim.org URL: http://www.vim.org
@ -163,6 +163,7 @@ Patch6126: backport-patch-8.2.0310-autocmd-test-fails-on-a-slow-system.patc
Patch6127: backport-CVE-2022-2598.patch Patch6127: backport-CVE-2022-2598.patch
Patch6128: backport-CVE-2022-2571.patch Patch6128: backport-CVE-2022-2571.patch
Patch6129: backport-CVE-2022-1725.patch Patch6129: backport-CVE-2022-1725.patch
Patch6130: backport-CVE-2022-2845.patch
Patch9000: bugfix-rm-modify-info-version.patch Patch9000: bugfix-rm-modify-info-version.patch
@ -551,6 +552,12 @@ popd
%{_mandir}/man1/evim.* %{_mandir}/man1/evim.*
%changelog %changelog
* Fri Aug 19 2022 shixuantong <shixuantong@h-partners.com> - 2:8.2-59
- Type:CVE
- ID:CVE-2022-2845
- SUG:NA
- DESC:fix CVE-2022-2845
* Mon Aug 08 2022 dongyuzhen <dongyuzhen@h-partners.com> - 2:8.2-58 * Mon Aug 08 2022 dongyuzhen <dongyuzhen@h-partners.com> - 2:8.2-58
- Type:CVE - Type:CVE
- ID:CVE-2022-1725 - ID:CVE-2022-1725