summaryrefslogtreecommitdiffstats
path: root/debian/patches/CVE-2022-2000.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/CVE-2022-2000.patch')
-rw-r--r--debian/patches/CVE-2022-2000.patch65
1 files changed, 65 insertions, 0 deletions
diff --git a/debian/patches/CVE-2022-2000.patch b/debian/patches/CVE-2022-2000.patch
new file mode 100644
index 0000000..7f1a1e6
--- /dev/null
+++ b/debian/patches/CVE-2022-2000.patch
@@ -0,0 +1,65 @@
+From 44a3f3353e0407e9fffee138125a6927d1c9e7e5 Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Mon, 6 Jun 2022 15:38:21 +0100
+Subject: [PATCH] patch 8.2.5063: error for a command may go over the end of
+ IObuff
+
+Problem: Error for a command may go over the end of IObuff.
+Solution: Truncate the message.
+---
+ src/ex_docmd.c | 12 ++++++++++--
+ src/testdir/test_cmdline.vim | 5 +++++
+ src/version.c | 2 ++
+ 3 files changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/src/ex_docmd.c b/src/ex_docmd.c
+index cfb40e8d5cfa..634a1bcef566 100644
+--- a/src/ex_docmd.c
++++ b/src/ex_docmd.c
+@@ -3111,9 +3111,17 @@ parse_cmd_address(exarg_T *eap, char **errormsg, int silent)
+ static void
+ append_command(char_u *cmd)
+ {
+- char_u *s = cmd;
+- char_u *d;
++ size_t len = STRLEN(IObuff);
++ char_u *s = cmd;
++ char_u *d;
+
++ if (len > IOSIZE - 100)
++ {
++ // Not enough space, truncate and put in "...".
++ d = IObuff + IOSIZE - 100;
++ d -= mb_head_off(IObuff, d);
++ STRCPY(d, "...");
++ }
+ STRCAT(IObuff, ": ");
+ d = IObuff + STRLEN(IObuff);
+ while (*s != NUL && d - IObuff + 5 < IOSIZE)
+diff --git a/src/testdir/test_cmdline.vim b/src/testdir/test_cmdline.vim
+index 77965b3f65a3..2289c343e9f8 100644
+--- a/src/testdir/test_cmdline.vim
++++ b/src/testdir/test_cmdline.vim
+@@ -657,3 +657,9 @@
+
+
+ set cpo&
++
++func Test_long_error_message()
++ " the error should be truncated, not overrun IObuff
++ silent! norm Q00000000000000     000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000                                                                                                                                                                                                                        
++endfunc
++
+diff --git a/src/version.c b/src/version.c
+index 542028606dde..dd585c81afe9 100644
+--- a/src/version.c
++++ b/src/version.c
+@@ -791,6 +791,8 @@ static char *(features[]) =
+
+ static int included_patches[] =
+ { /* Add new patch number below this line */
++/**/
++ 5063,
+ /**/
+ 5043,
+ /**/