From cbedd7c5597b906e5de95debeced81743a21a9f1 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 8 May 2024 07:05:34 +0200 Subject: Merging debian version 2:8.1.0875-5+deb10u3. Signed-off-by: Daniel Baumann --- debian/patches/CVE-2022-1851.patch | 44 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 debian/patches/CVE-2022-1851.patch (limited to 'debian/patches/CVE-2022-1851.patch') diff --git a/debian/patches/CVE-2022-1851.patch b/debian/patches/CVE-2022-1851.patch new file mode 100644 index 0000000..1b84df9 --- /dev/null +++ b/debian/patches/CVE-2022-1851.patch @@ -0,0 +1,44 @@ +From: Markus Koschany +Date: Wed, 2 Nov 2022 15:12:10 +0100 +Subject: CVE-2022-1851 + +Origin: https://github.com/vim/vim/commit/78d52883e10d71f23ab72a3d8b9733b00da8c9ad +--- + src/ops.c | 3 +++ + src/testdir/test_textformat.vim | 12 ++++++++++++ + 2 files changed, 15 insertions(+) + +diff --git a/src/ops.c b/src/ops.c +index 4c81922..84b5f90 100644 +--- a/src/ops.c ++++ b/src/ops.c +@@ -4778,6 +4778,9 @@ op_format( + { + curwin->w_cursor = saved_cursor; + saved_cursor.lnum = 0; ++ ++ // formatting may have made the cursor position invalid ++ check_cursor(); + } + + if (oap->is_VIsual) +diff --git a/src/testdir/test_textformat.vim b/src/testdir/test_textformat.vim +index 13fb50b..508e18b 100644 +--- a/src/testdir/test_textformat.vim ++++ b/src/testdir/test_textformat.vim +@@ -489,3 +489,15 @@ func Test_format_list_auto() + bwipe! + set fo& ai& bs& + endfunc ++ ++" This was leaving the cursor after the end of a line. Complicated way to ++" have the problem show up with valgrind. ++func Test_correct_cursor_position() ++ set encoding=iso8859 ++ new ++ norm a0000 ++ sil! norm gggg0i0gw0gg ++ ++ bwipe! ++ set encoding=utf8 ++endfunc -- cgit v1.2.3