summaryrefslogtreecommitdiffstats
path: root/debian/patches/CVE-2022-0729.patch
blob: 7333268fe789b4d5c650209746480af4e1864c1e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
From: Markus Koschany <apo@debian.org>
Date: Sun, 30 Oct 2022 22:10:14 +0100
Subject: CVE-2022-0729

Origin: https://github.com/vim/vim/commit/6456fae9ba8e72c74b2c0c499eaf09974604ff30
---
 src/regexp.c                     | 5 +++++
 src/testdir/test_regexp_utf8.vim | 8 ++++++++
 2 files changed, 13 insertions(+)

diff --git a/src/regexp.c b/src/regexp.c
index 6ad928d..33414ce 100644
--- a/src/regexp.c
+++ b/src/regexp.c
@@ -5575,6 +5575,11 @@ regmatch(
 			    if (rex.input == rex.line)
 			    {
 				/* backup to last char of previous line */
+				if (rex.lnum == 0)
+				{
+				    status = RA_NOMATCH;
+				    break;
+				}
 				--rex.lnum;
 				rex.line = reg_getline(rex.lnum);
 				/* Just in case regrepeat() didn't count
diff --git a/src/testdir/test_regexp_utf8.vim b/src/testdir/test_regexp_utf8.vim
index 75485dc..378bc21 100644
--- a/src/testdir/test_regexp_utf8.vim
+++ b/src/testdir/test_regexp_utf8.vim
@@ -215,4 +215,12 @@ func Test_match_invalid_byte()
   call delete('Xinvalid')
 endfunc
 
+func Test_match_too_complicated()
+  set regexpengine=1
+  exe "vsplit \xeb\xdb\x99"
+  silent! buf \&\zs*\zs*0
+  bwipe!
+  set regexpengine=0
+endfunc
+
 " vim: shiftwidth=2 sts=2 expandtab