packages/vim
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
vim/backport-CVE-2022-1629.patch

57 lines
1.4 KiB
Diff
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

From 53a70289c2712808e6d4e88927e03cac01b470dd Mon Sep 17 00:00:00 2001
From: Bram Moolenaar <Bram@vim.org>
Date: Mon, 9 May 2022 13:15:07 +0100
Subject: [PATCH] patch 8.2.4925: trailing backslash may cause reading past end
of line
Problem: Trailing backslash may cause reading past end of line.
Solution: Check for NUL after backslash.
---
src/search.c | 4 ++++
src/testdir/test_textobjects.vim | 10 +++++++++-
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/src/search.c b/src/search.c
index 1a5dc1a..75f0c59 100644
--- a/src/search.c
+++ b/src/search.c
@@ -4457,7 +4457,11 @@ find_next_quote(
if (c == NUL)
return -1;
else if (escape != NULL && vim_strchr(escape, c))
+ {
++col;
+ if (line[col] == NUL)
+ return -1;
+ }
else if (c == quotechar)
break;
if (has_mbyte)
diff --git a/src/testdir/test_textobjects.vim b/src/testdir/test_textobjects.vim
index 49fc9c8..3fc0283 100644
--- a/src/testdir/test_textobjects.vim
+++ b/src/testdir/test_textobjects.vim
@@ -154,10 +154,18 @@ func Test_string_html_objects()
call assert_equal('-<b></b>', getline('.'), e)
set quoteescape&
+
+ " this was going beyond the end of the line
+ %del
+ sil! norm i"\
+ sil! norm i"\
+ sil! norm i"\
+ call assert_equal('"\', getline(1))
+
+ bwipe!
endfor
set enc=utf-8
- bwipe!
endfunc
func Test_empty_html_tag()
--
1.8.3.1
Reference in New Issue View Git Blame Copy Permalink