On So, 03 Sep 2023, Yegappan Lakshmanan wrote:
> On Sun, Sep 3, 2023 at 11:30 AM Christian Brabandt <cbli...@256bit.org> wrote: > > > > patch 9.0.1857: [security] heap-use-after-free in is_qf_win() > > > > Commit: > > https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed > > Author: Christian Brabandt <c...@256bit.org> > > Date: Sun Sep 3 20:20:52 2023 +0200 > > > > patch 9.0.1857: [security] heap-use-after-free in is_qf_win() > > > > Problem: heap-use-after-free in is_qf_win() > > Solution: Check buffer is valid before accessing it > > > > Signed-off-by: Christian Brabandt <c...@256bit.org> > > > > diff --git a/src/testdir/crash/bt_quickfix_poc > > b/src/testdir/crash/bt_quickfix_poc > > new file mode 100644 > > index 000000000..bf02b4dcb > > --- /dev/null > > +++ b/src/testdir/crash/bt_quickfix_poc > > @@ -0,0 +1,9 @@ > > +comman!-narg=* Xexpr <mods>lex<args> > > +auto BufReadPre * exe"sn" ..expand("<abuf>") > > +fu Xautocmd_changelist() > > +cal writefile(['Xtestfile2:4:4'],'Xerr') > > + sil! edi Xerr > > +Xexpr 'Xtestfile:4:4' > > +endf > > +call Xautocmd_changelist() > > +call Xautocmd_changelist() > > \ No newline at end of file > > > > Is there supposed to be a newline at the end of this file? I guess not... Thanks, Christian -- I pledge allegiance to the flag of the United States of America and to the republic for which it stands, one nation, indivisible, with liberty and justice for all. -- Francis Bellamy, 1892 -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to vim_dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/vim_dev/ZPTk%2BvjG5LmqI8A0%40256bit.org.
