debian/patches/CVE-2022-0572.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

From: Markus Koschany <apo@debian.org>
Date: Sun, 30 Oct 2022 20:40:53 +0100
Subject: CVE-2022-0572

Origin: https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f
---
 src/ex_cmds.c              |  4 ++++
 src/testdir/test_retab.vim | 19 +++++++++++++++++++
 2 files changed, 23 insertions(+)

diff --git a/src/ex_cmds.c b/src/ex_cmds.c
index 5ad8913..b3be24e 100644
--- a/src/ex_cmds.c
+++ b/src/ex_cmds.c
@@ -821,6 +821,10 @@ ex_retab(exarg_T *eap)
 	    if (ptr[col] == NUL)
 		break;
 	    vcol += chartabsize(ptr + col, (colnr_T)vcol);
+	    if (vcol >= MAXCOL)
+	    {
+		break;
+	    }
 	    if (has_mbyte)
 		col += (*mb_ptr2len)(ptr + col);
 	    else