summaryrefslogtreecommitdiffstats
path: root/debian/patches/CVE-2022-3134.patch
blob: 16f8949cd60204f5bae3c734135844ef653cc792 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
From: Markus Koschany <apo@debian.org>
Date: Mon, 7 Nov 2022 00:33:16 +0100
Subject: CVE-2022-3134

Origin: https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e
---
 src/tag.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/tag.c b/src/tag.c
index 4e96da3..6fcd6ee 100644
--- a/src/tag.c
+++ b/src/tag.c
@@ -539,6 +539,15 @@ do_tag(
 		max_num_matches = MAXCOL; /* If less than max_num_matches
 					     found: all matches found. */
 
+	    // A tag function may do anything, which may cause various
+	    // information to become invalid.  At least check for the tagstack
+	    // to still be the same.
+	    if (tagstack != curwin->w_tagstack)
+	    {
+		FreeWild(new_num_matches, new_matches);
+		break;
+	    }
+
 	    /* If there already were some matches for the same name, move them
 	     * to the start.  Avoids that the order changes when using
 	     * ":tnext" and jumping to another file. */