import vim-8.2.2637-15.el9
This commit is contained in:
parent
5f85241c59
commit
26c4c8da8b
@ -0,0 +1,49 @@
|
||||
From 34f8117dec685ace52cd9e578e2729db278163fc Mon Sep 17 00:00:00 2001
|
||||
From: Bram Moolenaar <Bram@vim.org>
|
||||
Date: Wed, 16 Feb 2022 12:16:19 +0000
|
||||
Subject: [PATCH] patch 8.2.4397: crash when using many composing characters in
|
||||
error message
|
||||
|
||||
Problem: Crash when using many composing characters in error message.
|
||||
Solution: Use mb_cptr2char_adv() instead of mb_ptr2char_adv().
|
||||
---
|
||||
src/testdir/test_assert.vim | 8 ++++++++
|
||||
src/testing.c | 2 +-
|
||||
src/version.c | 2 ++
|
||||
3 files changed, 11 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/testdir/test_assert.vim b/src/testdir/test_assert.vim
|
||||
index 8987f3f8d..27b2d73fb 100644
|
||||
--- a/src/testdir/test_assert.vim
|
||||
+++ b/src/testdir/test_assert.vim
|
||||
@@ -53,6 +53,14 @@ func Test_assert_equal()
|
||||
call assert_equal("\b\e\f\n\t\r\\\x01\x7f", 'x')
|
||||
call assert_match('Expected ''\\b\\e\\f\\n\\t\\r\\\\\\x01\\x7f'' but got ''x''', v:errors[0])
|
||||
call remove(v:errors, 0)
|
||||
+
|
||||
+ " many composing characters are handled properly
|
||||
+ call setline(1, ' ')
|
||||
+ norm 100gr݀
|
||||
+ call assert_equal(1, getline(1))
|
||||
+ call assert_match("Expected 1 but got '.* occurs 100 times]'", v:errors[0])
|
||||
+ call remove(v:errors, 0)
|
||||
+ bwipe!
|
||||
endfunc
|
||||
|
||||
func Test_assert_equal_dict()
|
||||
diff --git a/src/testing.c b/src/testing.c
|
||||
index 448c01c1e..48ba14d2c 100644
|
||||
--- a/src/testing.c
|
||||
+++ b/src/testing.c
|
||||
@@ -101,7 +101,7 @@ ga_concat_shorten_esc(garray_T *gap, char_u *str)
|
||||
{
|
||||
same_len = 1;
|
||||
s = p;
|
||||
- c = mb_ptr2char_adv(&s);
|
||||
+ c = mb_cptr2char_adv(&s);
|
||||
clen = s - p;
|
||||
while (*s != NUL && c == mb_ptr2char(s))
|
||||
{
|
||||
--
|
||||
2.35.1
|
||||
|
@ -0,0 +1,35 @@
|
||||
diff --git a/src/indent.c b/src/indent.c
|
||||
index 77d8b0a..9830685 100644
|
||||
--- a/src/indent.c
|
||||
+++ b/src/indent.c
|
||||
@@ -1284,6 +1284,8 @@ change_indent(
|
||||
new_cursor_col += (*mb_ptr2len)(ptr + new_cursor_col);
|
||||
else
|
||||
++new_cursor_col;
|
||||
+ if (ptr[new_cursor_col] == NUL)
|
||||
+ break;
|
||||
vcol += lbr_chartabsize(ptr, ptr + new_cursor_col, (colnr_T)vcol);
|
||||
}
|
||||
vcol = last_vcol;
|
||||
diff --git a/src/testdir/test_vartabs.vim b/src/testdir/test_vartabs.vim
|
||||
index 0ff1ea8..a613510 100644
|
||||
--- a/src/testdir/test_vartabs.vim
|
||||
+++ b/src/testdir/test_vartabs.vim
|
||||
@@ -419,4 +419,17 @@ func Test_varsofttabstop()
|
||||
close!
|
||||
endfunc
|
||||
|
||||
+func Test_vartabstop_latin1()
|
||||
+ let save_encoding = &encoding
|
||||
+ new
|
||||
+ set encoding=iso8859-1
|
||||
+ set compatible linebreak list revins smarttab
|
||||
+ set vartabstop=400
|
||||
+ exe "norm i00\t\<C-D>"
|
||||
+ bwipe!
|
||||
+ let &encoding = save_encoding
|
||||
+ set nocompatible linebreak& list& revins& smarttab& vartabstop&
|
||||
+endfunc
|
||||
+
|
||||
+
|
||||
" vim: shiftwidth=2 sts=2 expandtab
|
@ -27,7 +27,7 @@ Summary: The VIM editor
|
||||
URL: http://www.vim.org/
|
||||
Name: vim
|
||||
Version: %{baseversion}.%{patchlevel}
|
||||
Release: 13%{?dist}
|
||||
Release: 15%{?dist}
|
||||
License: Vim and MIT
|
||||
Source0: ftp://ftp.vim.org/pub/vim/unix/vim-%{baseversion}-%{patchlevel}.tar.bz2
|
||||
Source1: virc
|
||||
@ -112,6 +112,10 @@ Patch3039: 0001-patch-8.2.4281-using-freed-memory-with-lopen-and-bwi.patch
|
||||
Patch3040: 0001-patch-8.2.4218-illegal-memory-access-with-bracketed-.patch
|
||||
# CVE-2022-0572 vim: heap overflow in ex_retab() may lead to crash
|
||||
Patch3041: 0001-patch-8.2.4359-crash-when-repeatedly-using-retab.patch
|
||||
# CVE-2022-0629 vim: Stack-based Buffer Overflow in vim prior to 8.2
|
||||
Patch3042: 0001-patch-8.2.4397-crash-when-using-many-composing-chara.patch
|
||||
# CVE-2022-0714 vim: buffer overflow [rhel-9]
|
||||
Patch3043: 0001-patch-8.2.4436-crash-with-weird-vartabstop-value.patch
|
||||
|
||||
# gcc is no longer in buildroot by default
|
||||
BuildRequires: gcc
|
||||
@ -340,6 +344,8 @@ perl -pi -e "s,bin/nawk,bin/awk,g" runtime/tools/mve.awk
|
||||
%patch3039 -p1 -b .cve0443
|
||||
%patch3040 -p1 -b .cve0392
|
||||
%patch3041 -p1 -b .cve0572
|
||||
%patch3042 -p1 -b .cve0629
|
||||
%patch3043 -p1 -b .cve0714
|
||||
|
||||
%build
|
||||
cd src
|
||||
@ -897,6 +903,12 @@ touch %{buildroot}/%{_datadir}/%{name}/vimfiles/doc/tags
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Feb 24 2022 Zdenek Dohnal <zdohnal@redhat.com> - 2:8.2.2637-15
|
||||
- CVE-2022-0714 vim: buffer overflow [rhel-9]
|
||||
|
||||
* Wed Feb 23 2022 Zdenek Dohnal <zdohnal@redhat.com> - 2:8.2.2637-14
|
||||
- CVE-2022-0629 vim: Stack-based Buffer Overflow in vim prior to 8.2
|
||||
|
||||
* Wed Feb 16 2022 Zdenek Dohnal <zdohnal@redhat.com> - 2:8.2.2637-13
|
||||
- CVE-2022-0572 vim: heap overflow in ex_retab() may lead to crash
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user