From 37406d9074654510ff5ed9362800a23a943d80f4 Mon Sep 17 00:00:00 2001
From: Daniel Baumann
Date: Wed, 8 May 2024 07:08:16 +0200
Subject: Adding debian version 2:8.1.0875-5+deb10u4.
Signed-off-by: Daniel Baumann
---
debian/patches/CVE-2022-2000.patch | 65 ++++++++++++++++++++++++++++++++++++++
1 file changed, 65 insertions(+)
create mode 100644 debian/patches/CVE-2022-2000.patch
(limited to 'debian/patches/CVE-2022-2000.patch')
diff --git a/debian/patches/CVE-2022-2000.patch b/debian/patches/CVE-2022-2000.patch
new file mode 100644
index 0000000..7f1a1e6
--- /dev/null
+++ b/debian/patches/CVE-2022-2000.patch
@@ -0,0 +1,65 @@
+From 44a3f3353e0407e9fffee138125a6927d1c9e7e5 Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar
+Date: Mon, 6 Jun 2022 15:38:21 +0100
+Subject: [PATCH] patch 8.2.5063: error for a command may go over the end of
+ IObuff
+
+Problem: Error for a command may go over the end of IObuff.
+Solution: Truncate the message.
+---
+ src/ex_docmd.c | 12 ++++++++++--
+ src/testdir/test_cmdline.vim | 5 +++++
+ src/version.c | 2 ++
+ 3 files changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/src/ex_docmd.c b/src/ex_docmd.c
+index cfb40e8d5cfa..634a1bcef566 100644
+--- a/src/ex_docmd.c
++++ b/src/ex_docmd.c
+@@ -3111,9 +3111,17 @@ parse_cmd_address(exarg_T *eap, char **errormsg, int silent)
+ static void
+ append_command(char_u *cmd)
+ {
+- char_u *s = cmd;
+- char_u *d;
++ size_t len = STRLEN(IObuff);
++ char_u *s = cmd;
++ char_u *d;
+
++ if (len > IOSIZE - 100)
++ {
++ // Not enough space, truncate and put in "...".
++ d = IObuff + IOSIZE - 100;
++ d -= mb_head_off(IObuff, d);
++ STRCPY(d, "...");
++ }
+ STRCAT(IObuff, ": ");
+ d = IObuff + STRLEN(IObuff);
+ while (*s != NUL && d - IObuff + 5 < IOSIZE)
+diff --git a/src/testdir/test_cmdline.vim b/src/testdir/test_cmdline.vim
+index 77965b3f65a3..2289c343e9f8 100644
+--- a/src/testdir/test_cmdline.vim
++++ b/src/testdir/test_cmdline.vim
+@@ -657,3 +657,9 @@
+
+
+ set cpo&
++
++func Test_long_error_message()
++ " the error should be truncated, not overrun IObuff
++ silent! 
norm Q00000000000000     000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000                                                                                                                                                                                                                         
++endfunc
++
+diff --git a/src/version.c b/src/version.c
+index 542028606dde..dd585c81afe9 100644
+--- a/src/version.c
++++ b/src/version.c
+@@ -791,6 +791,8 @@ static char *(features[]) =
+
+ static int included_patches[] =
+ { /* Add new patch number below this line */
++/**/
++ 5063,
+ /**/
+ 5043,
+ /**/
-- cgit v1.2.3
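Review bot: The truncation threshold in `append_command()` is the bare literal 100, written twice (`len > IOSIZE - 100` and `d = IObuff + IOSIZE - 100`), and nothing states what the reserved tail is for. The two values have to stay equal for the following `STRCAT(IObuff, ": ")` and the copy loop guarded by `d - IObuff + 5 < IOSIZE` to remain inside IObuff, so a comment above the check such as `// reserve the last 100 bytes of IObuff for "...", ": " and the command text`, or one shared named constant, would make that invariant explicit. The added `Test_long_error_message()` contains no assertion, so it presumably only detects a regression when the test suite runs under a memory checker; it is worth confirming that the package build does so. The loop body of `append_command()` lies outside the hunk.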