Hi Christian, We've identified a *SIGSEGV crash in Vim at malloc() (__libc_calloc)* that might be related to issues when *writing to the .viminfo file* during the *exit process*. It looks like *Vim is failing* to *write to the .viminfo file, here " write_viminfo() "* function is called, Can you please help us point out some CVE's that might address this issue of segmentation fault or memory corruption.
*In ALMA we have this CVE's fixed * 8.0.1763-19.2 onwards*:* 2022-06-14 - Zdenek Dohnal <[email protected]> - 2:8.0.1763-19.4 - fix issue reported by covscan2022-06-13 - Zdenek Dohnal <[email protected]> - 2:8.0.1763-19.3 - CVE-2022-1785 vim: Out-of-bounds Write - CVE-2022-1897 vim: out-of-bounds write in vim_regsub_both() in regexp.c - CVE-2022-1927 vim: buffer over-read in utf_ptr2char() in mbyte.c Regards, Varun Bali On Wednesday, November 1, 2023 at 12:30:37 PM UTC+5:30 Christian Brabandt wrote: > > On Di, 31 Okt 2023, varun bali wrote: > > > We can only take latest from ALMA repository i.e. a limitation of > delivering to our customer. if you can point out any bugs that have been > fixed for segmentation faults or related to corrupt memory allocation in > lower version then we can consider taking from master. > > ALMA latest rpm link: > > Well, yes, there have been many bugs fixed since 8.0.1763, after all > 8.0.1763 has been released more than 5 years ago. > You can check yourself: > > git log --reverse v8.0.1763..master > > There have been many security related fixes in between, as well as asan > fixes and other potential crashes. > > Thanks, > Christian > -- > It is the wise bird who builds his nest in a tree. > -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/vim_dev/d8d83020-6edd-40b9-bca4-0651f362eee9n%40googlegroups.com.
