packages/vim
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2022-0943

Browse Source
This commit is contained in:
xinyingchao 2022-03-24 14:09:51 +08:00
parent ddde29fdd9
commit e7a109cad5
2 changed files with 65 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
backport-CVE-2022-0943.patch Normal file
View File

@ -0,0 +1,57 @@
From 5c68617d395f9d7b824f68475b24ce3e38d653a3 Mon Sep 17 00:00:00 2001
From: Bram Moolenaar <Bram@vim.org>
Date: Sun, 13 Mar 2022 20:12:25 +0000
Subject: [PATCH] patch 8.2.4563: "z=" in Visual mode may go beyond the end of
the line
Problem: "z=" in Visual mode may go beyond the end of the line.
Solution: Adjust "badlen".
---
src/spellsuggest.c | 4 ++++
src/testdir/test_spell.vim | 15 +++++++++++++++
2 files changed, 19 insertions(+)
diff --git a/src/spellsuggest.c b/src/spellsuggest.c
index cd28798..429e292 100644
--- a/src/spellsuggest.c
+++ b/src/spellsuggest.c
@@ -501,6 +501,10 @@ spell_suggest(int count)
curwin->w_cursor.col = VIsual.col;
++badlen;
end_visual_mode();
+ // make sure we don't include the NUL at the end of the line
+ line = ml_get_curline();
+ if (badlen > STRLEN(line) - curwin->w_cursor.col)
+ badlen = STRLEN(line) - curwin->w_cursor.col;
}
// Find the start of the badly spelled word.
else if (spell_move_to(curwin, FORWARD, TRUE, TRUE, NULL) == 0
diff --git a/src/testdir/test_spell.vim b/src/testdir/test_spell.vim
index de49b42..49118a9 100644
--- a/src/testdir/test_spell.vim
+++ b/src/testdir/test_spell.vim
@@ -131,6 +131,21 @@ func Test_spellreall()
bwipe!
endfunc
+func Test_spellsuggest_visual_end_of_line()
+ let enc_save = &encoding
+ set encoding=iso8859
+
+ " This was reading beyond the end of the line.
+ norm R00000000000
+ sil norm 0
+ sil! norm i00000)
+ sil! norm i00000)
+ call feedkeys("\<CR>")
+ norm z=
+
+ let &encoding = enc_save
+endfunc
+
func Test_spellinfo()
new
let runtime = substitute($VIMRUNTIME, '\\', '/', 'g')
--
2.27.0

9
vim.spec
View File

@ -12,7 +12,7 @@
Name: vim
Epoch: 2
Version: 8.2
Release: 28
Release: 29
Summary: Vim is a highly configurable text editor for efficiently creating and changing any kind of text.
License: Vim and MIT
URL: http://www.vim.org
@ -90,6 +90,7 @@ Patch6053: backport-CVE-2022-0729.patch
Patch6054: backport-CVE-2022-0685.patch
Patch6055: backport-CVE-2022-0319.patch
Patch6056: backport-CVE-2022-0554.patch
Patch6057: backport-CVE-2022-0943.patch
Patch9000: bugfix-rm-modify-info-version.patch
@ -478,6 +479,12 @@ popd
%{_mandir}/man1/evim.*
%changelog
* Thu Mar 24 2022 yuanxin <yuanxin24@h-partners.com> - 2:8.2-29
- Type:CVE
- ID:CVE-2022-0943
- SUG:NA
- DESC:fix CVE-2022-0943
* Mon Mar 21 2022 yuanxin <yuanxin24@h-partners.com> - 2:8.2-28
- Type:CVE
- ID:CVE-2022-0319 CVE-2022-0554