Headline
CVE-2023-1175: patch 9.0.1378: illegal memory access when using virtual editing · vim/vim@c99cbf8
Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378.
Skip to content
Actions
Automate any workflow
Packages
Host and manage packages
Security
Find and fix vulnerabilities
Codespaces
Instant dev environments
Copilot
Write better code with AI
Code review
Manage code changes
Issues
Plan and track work
Discussions
Collaborate outside of code
* Explore
* All features
* Documentation
* GitHub Skills
* Blog
For
Enterprise
Teams
Startups
Education
By Solution
CI/CD & Automation
DevOps
DevSecOps
Case Studies
Customer Stories
Resources
GitHub Sponsors
Fund open source developers
* The ReadME Project
GitHub community articles
* Repositories
* Topics
* Trending
* Collections
Pricing
Notifications
Fork 4.6k
Code
Issues 1.3k
Pull requests 155
Actions
Projects
Wiki
Security
Insights
Permalink
Browse files
patch 9.0.1378: illegal memory access when using virtual editing
Problem: Illegal memory access when using virtual editing. Solution: Make sure “startspaces” is not negative.
- Loading branch information
Showing 3 changed files with 14 additions and 0 deletions.
- register.c
- test_virtualedit.vim
- version.c
@@ -1245,6 +1245,8 @@ op_yank(oparg_T *oap, int deleting, int mess)
// double-count it.
bd.startspaces = (ce - cs + 1)
- oap->start.coladd;
if (bd.startspaces < 0)
bd.startspaces = 0;
startcol++;
}
}
@@ -88,6 +88,16 @@ func Test_edit_change()
set virtualedit=
endfunc
func Test_edit_special_char()
new
se ve=all
norm a0
sil! exe “norm o00000\<Nul>k<a0s”
bwipe!
set virtualedit=
endfunc
" Tests for pasting at the beginning, end and middle of a tab character
" in virtual edit mode.
func Test_paste_in_tab()
@@ -695,6 +695,8 @@ static char *(features[]) =
static int included_patches[] =
{ /* Add new patch number below this line */
/**/
1378,
/**/
1377,
/**/
0 comments on commit c99cbf8
Please sign in to comment.
Related news
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.
Ubuntu Security Notice 5963-1 - It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10.