summaryrefslogtreecommitdiffstats
path: root/debian/patches/CVE-2022-1621.patch
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-08 05:08:28 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-08 05:08:28 +0000
commite1a321ce6150e001d4a94bca2bf901820fcbb29f (patch)
tree41e96f0bb8ad99f91d78a1fb19843e7405a02571 /debian/patches/CVE-2022-1621.patch
parentReleasing progress-linux version 2:8.1.0875-5+deb10u3progress5u1. (diff)
downloadvim-e1a321ce6150e001d4a94bca2bf901820fcbb29f.tar.xz
vim-e1a321ce6150e001d4a94bca2bf901820fcbb29f.zip
Merging debian version 2:8.1.0875-5+deb10u4.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/CVE-2022-1621.patch')
-rw-r--r--debian/patches/CVE-2022-1621.patch114
1 files changed, 114 insertions, 0 deletions
diff --git a/debian/patches/CVE-2022-1621.patch b/debian/patches/CVE-2022-1621.patch
new file mode 100644
index 0000000..29f8532
--- /dev/null
+++ b/debian/patches/CVE-2022-1621.patch
@@ -0,0 +1,114 @@
+From 7c824682d2028432ee082703ef0ab399867a089b Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Sun, 8 May 2022 22:32:58 +0100
+Subject: [PATCH] patch 8.2.4919: can add invalid bytes with :spellgood
+
+Problem: Can add invalid bytes with :spellgood.
+Solution: Check for a valid word string.
+---
+ src/errors.h | 4 ++++
+ src/mbyte.c | 2 +-
+ src/spellfile.c | 10 ++++++++++
+ src/testdir/test_spell_utf8.vim | 5 +++++
+ src/version.c | 2 ++
+ 5 files changed, 22 insertions(+), 1 deletion(-)
+
+From fe978c2b6bb9d897d962595a4a51dd7a71dc8e89 Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Sun, 8 May 2022 22:43:51 +0100
+Subject: [PATCH] patch 8.2.4921: spell test fails because of new illegal byte
+ check
+
+Problem: Spell test fails because of new illegal byte check.
+Solution: Remove the test.
+---
+ src/testdir/test_spell.vim | 8 --------
+ src/version.c | 2 ++
+ 2 files changed, 2 insertions(+), 8 deletions(-)
+
+diff --git a/src/mbyte.c b/src/mbyte.c
+index 2b7f9991ae14..a01a05140207 100644
+--- a/src/mbyte.c
++++ b/src/mbyte.c
+@@ -4047,7 +4047,7 @@ utf_find_illegal(void)
+ convert_setup(&vimconv, NULL, NULL);
+ }
+
+-#if defined(FEAT_GUI_GTK) || defined(PROTO)
++#if defined(FEAT_GUI_GTK) || defined(FEAT_SPELL) || defined(PROTO)
+ /*
+ * Return TRUE if string "s" is a valid utf-8 string.
+ * When "end" is NULL stop at the first NUL.
+diff --git a/src/spellfile.c b/src/spellfile.c
+index 22cf82da0872..f0d6d96a47f0 100644
+--- a/src/spellfile.c
++++ b/src/spellfile.c
+@@ -4361,6 +4361,10 @@ store_word(
+ int res = OK;
+ char_u *p;
+
++ // Avoid adding illegal bytes to the word tree.
++ if (enc_utf8 && !utf_valid_string(word, NULL))
++ return FAIL;
++
+ (void)spell_casefold(word, len, foldword, MAXWLEN);
+ for (p = pfxlist; res == OK; ++p)
+ {
+@@ -6167,6 +6171,12 @@ spell_add_word(
+ int i;
+ char_u *spf;
+
++ if (enc_utf8 && !utf_valid_string(word, NULL))
++ {
++ emsg(_("E1280: Illegal character in word"));
++ return;
++ }
++
+ if (idx == 0) /* use internal wordlist */
+ {
+ if (int_wordlist == NULL)
+diff --git a/src/testdir/test_spell_utf8.vim b/src/testdir/test_spell_utf8.vim
+index 79dc3e4a4a62..17fa23555818 100644
+--- a/src/testdir/test_spell.vim
++++ b/src/testdir/test_spell.vim
+@@ -476,16 +476,6 @@
+ bwipe!
+ endfunc
+
+-func Test_spell_single_word()
+- set spell
+- new
+- silent! norm 0R00
+- spell! ßÂ
+- silent 0norm 0r$ Dvz=
+- set nospell
+- bwipe!
+-endfunc
+-
+ let g:test_data_aff1 = [
+ \"SET ISO8859-1",
+ \"TRY esianrtolcdugmphbyfvkwjkqxz-\xEB\xE9\xE8\xEA\xEF\xEE\xE4\xE0\xE2\xF6\xFC\xFB'ESIANRTOLCDUGMPHBYFVKWJKQXZ",
+@@ -936,3 +926,8 @@
+ \"SAL Z S",
+ \ ]
+
++" Invalid bytes may cause trouble when creating the word list.
++func Test_check_for_valid_word()
++ call assert_fails("spellgood! 0\xac", 'E1280:')
++endfunc
++
+diff --git a/src/version.c b/src/version.c
+index f949dd6d7ed0..c4f5655bf6c2 100644
+--- a/src/version.c
++++ b/src/version.c
+@@ -795,6 +795,10 @@ static char *(features[]) =
+ 805,
+ /**/
+ 5024,
++/**/
++ 4921,
++/**/
++ 4919,
+ /**/
+ 4899,
+ /**/