Chris Drake wrote:

> It's possible to craft a malformed .swp file that causes vim to crash
> in a way that completely locks up a terminal.

I can't do much without such a .swp file.  To be able to reproduce the
problem I would need both the original file and the .swp file that has
the problem.

Your text suggests that you know how to make a .swp file that causes the
problem.  Please share that with me.  Don't send to the list if you
think this may help malicious people to misuse the info.

6.3.82 is quite old; it's very well possible that the problem got fixed
in the meantime.  Can you reproduce the problem with Vim 7.1?  The swap
file should be compatible.

> Vim: Caught deadly signal ABRT
> 
> (at this point - the terminal is completely locked up - ^C etc all
> have no effect.  kill also has no effect.  kill -9 from another session
> ended it OK)

You may need to reset the terminal (in xterm that's done by pressing
CTRL and the middle mouse button, select "Do Full reset").  Sometimes
typing "reset<CR>reset<CR>" works.  Vim switches off echo, so you may
not see what you type.

> ------------------------
> Here's some version info
> ------------------------
> 
> I think vim is used for lots of things, including at least editing
> crontab files (after copying stuff to /tmp) - thus - a malicious local
> user could place crafted .swp files in /tmp (or elsewhere that they
> might have access to) to "crash" (DoS) anyone else's future VIM
> sessions.  Depending on the error - it might be possible to exploit
> this to run arbitrary code elevated to the vim user's permissions (the
> error reports as *either* "double free" (hard to exploit) or
> "corruption" (probably a buffer overflow - easy to exploit))

I think that would be really hard to do, but it can't be ruled out.

-- 
hundred-and-one symptoms of being an internet addict:
88. Every single time you press the 'Get mail' button...it does get new mail.

 /// Bram Moolenaar -- [EMAIL PROTECTED] -- http://www.Moolenaar.net   \\\
///        sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\        download, build and distribute -- http://www.A-A-P.org        ///
 \\\            help me help AIDS victims -- http://ICCF-Holland.org    ///

--~--~---------~--~----~------------~-------~--~----~
You received this message from the "vim_dev" maillist.
For more information, visit http://www.vim.org/maillist.php
-~----------~----~----~----~------~----~------~--~---
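
The shared-directory concern in the quoted report (a swap file placed in /tmp by another local user before the victim edits there) can be checked for before an editor is started. The script below is an added example, not part of the original message or of Vim; the function names are hypothetical, and it assumes swap files sit next to the edited file with names like .NAME.swp, .NAME.swo and so on.

```shell
#!/bin/sh
# Added example: flag Vim-style swap files in a directory that are owned by
# someone other than the expected user. Assumed naming: .NAME.sw[a-p] next
# to the edited file, or a bare .sw[a-p] for an unnamed buffer.

# foreign_swaps DIR [UID]
# Prints one path per line; UID defaults to the caller's uid.
# Symlinks are included on purpose: find checks the link's own owner.
foreign_swaps() {
    dir=$1
    uid=${2:-$(id -u)}
    [ -d "$dir" ] || return 2
    find "$dir" -maxdepth 1 ! -type d \
        \( -name '.*.sw[a-p]' -o -name '.sw[a-p]' \) \
        ! -user "$uid" 2>/dev/null
}

# safe_to_edit FILE [UID]
# Returns 0 when no swap file for FILE owned by another uid exists
# in FILE's directory, 1 otherwise (with a message on stderr).
safe_to_edit() {
    file=$1
    uid=${2:-$(id -u)}
    base=$(basename -- "$file")
    dir=$(dirname -- "$file")
    hits=$(foreign_swaps "$dir" "$uid" | grep -F -- "/.$base.sw") || true
    if [ -n "$hits" ]; then
        printf 'not editing %s: swap file owned by another user:\n%s\n' \
            "$file" "$hits" >&2
        return 1
    fi
    return 0
}
```

The check is advisory only, since a file can still appear between the check and the editor starting; pointing Vim's 'directory' option at a directory only the user can write to keeps swap files out of shared locations altogether.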
