patch 9.1.1683: xxd: Avoid null dereference in autoskip colorless

Commit: 
https://github.com/vim/vim/commit/b922b30cfe4c044c83bac3cc908084ed20a83598
Author: Joakim Nohlgård <joa...@nohlgard.se>
Date:   Sun Aug 24 12:36:44 2025 +0200

    patch 9.1.1683: xxd: Avoid null dereference in autoskip colorless
    
    Problem:  xxd: Avoid null dereference in autoskip colorless
    Solution: Verify that colors is not null (Joakim Nohlgård)
    
    Fixes bug introduced in 6897f18ee6e5bb78b32c97616e484030fd514750
    (v9.1.1459) which does a memcpy from NULL when color=never and the
    autoskip option is used.
    
    Before:
    
    dd if=/dev/zero bs=100 count=1 status=none | xxd -a -R never
    00000000: 0000 0000 0000 0000 0000 0000 0000 0000  ................
    Segmentation fault (core dumped)
    
    After:
    
    dd if=/dev/zero bs=100 count=1 status=none | ./xxd/xxd -a -R never
    00000000: 0000 0000 0000 0000 0000 0000 0000 0000  ................
    *
    00000060: 0000 0000                                ....
    
    closes: #18008
    
    Signed-off-by: Joakim Nohlgård <joa...@nohlgard.se>
    Signed-off-by: Christian Brabandt <c...@256bit.org>

diff --git a/src/testdir/test_xxd.vim b/src/testdir/test_xxd.vim
index 477af7a54..b98988157 100644
--- a/src/testdir/test_xxd.vim
+++ b/src/testdir/test_xxd.vim
@@ -701,4 +701,28 @@ func Test_xxd_overflow()
   call assert_equal(expected, getline(1, 5))
   bw!
 endfunc
+
+" this caused a NULL derefence
+func Test_xxd_null_dereference()
+  CheckUnix
+  CheckExecutable /bin/true
+  new
+  " we are only checking, that there are addresses in the first 5 lines
+  let expected = [
+        \ '00000000: ',
+        \ '00000010: ',
+        \ '00000020: ',
+        \ '00000030: ',
+        \ '00000040: ']
+  exe "0r! " s:xxd_cmd "-a -R never /bin/true 2>&1"
+  " there should be more than 6 lines
+  call assert_true(line('$') > 5)
+  " there should not be an ASAN error message
+  call getline(1, '$')->join('
')->assert_notmatch('runtime error')
+  6,$d
+  %s/^\x\+: \zs.*//g
+  call assert_equal(expected, getline(1, 5))
+  bw!
+endfunc
+
 " vim: shiftwidth=2 sts=2 expandtab
diff --git a/src/version.c b/src/version.c
index 5ac3db391..4f3912aed 100644
--- a/src/version.c
+++ b/src/version.c
@@ -724,6 +724,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    1683,
 /**/
     1682,
 /**/
diff --git a/src/xxd/xxd.c b/src/xxd/xxd.c
index 0c70b5a95..b46cee41f 100644
--- a/src/xxd/xxd.c
+++ b/src/xxd/xxd.c
@@ -70,6 +70,7 @@
  * 15.06.2025  improve color code logic
  * 08.08.2025  fix overflow with bitwise output
  * 20.08.2025  remove external library call for autoconversion on z/OS (MVS)
+ * 24.08.2025  avoid NULL dereference with autoskip colorless
  *
  * (c) 1990-1998 by Juergen Weigert (jnwei...@gmail.com)
  *
@@ -150,7 +151,7 @@ extern void perror __P((char *));
 # endif
 #endif
 
-char version[] = "xxd 2025-08-20 by Juergen Weigert et al.";
+char version[] = "xxd 2025-08-24 by Juergen Weigert et al.";
 #ifdef WIN32
 char osver[] = " (Win32)";
 #else
@@ -599,7 +600,10 @@ xxdline(FILE *fp, char *l, char *colors, int nz)
   if (!nz && zero_seen == 1)
     {
       strcpy(z, l);
-      memcpy(z_colors, colors, strlen(z));
+      if (colors)
+       {
+         memcpy(z_colors, colors, strlen(z));
+       }
     }
 
   if (nz || !zero_seen++)

-- 
-- 
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php

--- 
You received this message because you are subscribed to the Google Groups 
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to vim_dev+unsubscr...@googlegroups.com.
To view this discussion visit 
https://groups.google.com/d/msgid/vim_dev/E1uq8Dg-00Gi0S-5q%40256bit.org.

Raspunde prin e-mail lui