Hi Christian, On Sun, Sep 3, 2023 at 11:30 AM Christian Brabandt <cbli...@256bit.org> wrote: > > patch 9.0.1857: [security] heap-use-after-free in is_qf_win() > > Commit: > https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed > Author: Christian Brabandt <c...@256bit.org> > Date: Sun Sep 3 20:20:52 2023 +0200 > > patch 9.0.1857: [security] heap-use-after-free in is_qf_win() > > Problem: heap-use-after-free in is_qf_win() > Solution: Check buffer is valid before accessing it > > Signed-off-by: Christian Brabandt <c...@256bit.org> > > diff --git a/src/testdir/crash/bt_quickfix_poc > b/src/testdir/crash/bt_quickfix_poc > new file mode 100644 > index 000000000..bf02b4dcb > --- /dev/null > +++ b/src/testdir/crash/bt_quickfix_poc > @@ -0,0 +1,9 @@ > +comman!-narg=* Xexpr <mods>lex<args> > +auto BufReadPre * exe"sn" ..expand("<abuf>") > +fu Xautocmd_changelist() > +cal writefile(['Xtestfile2:4:4'],'Xerr') > + sil! edi Xerr > +Xexpr 'Xtestfile:4:4' > +endf > +call Xautocmd_changelist() > +call Xautocmd_changelist() > \ No newline at end of file >
Is there supposed to be a newline at the end of this file? - Yegappan -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to vim_dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/vim_dev/CAAW7x7n%3DJxhi6cWecWEPmfA9sNcnQTK6K6Jr2pYYs_MzGZC96A%40mail.gmail.com.
