packages/vim
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2022-3037

Browse Source
This commit is contained in:
yinyongkang 2022-09-05 15:33:17 +08:00
parent c96efdc0e7
commit d7d02fd86d
2 changed files with 64 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
backport-CVE-2022-3037.patch Normal file
View File

@ -0,0 +1,56 @@
From 4f1b083be43f351bc107541e7b0c9655a5d2c0bb Mon Sep 17 00:00:00 2001
From: Bram Moolenaar <Bram@vim.org>
Date: Mon, 29 Aug 2022 20:45:16 +0100
Subject: [PATCH] patch 9.0.0322: crash when no errors and 'quickfixtextfunc'
is set
Problem: Crash when no errors and 'quickfixtextfunc' is set.
Solution: Do not handle errors if there aren't any.
---
src/quickfix.c | 2 +-
src/testdir/test_quickfix.vim | 16 ++++++++++++++++
2 files changed, 17 insertions(+), 1 deletion(-)
diff --git a/src/quickfix.c b/src/quickfix.c
index f6851ef..edf262c 100644
--- a/src/quickfix.c
+++ b/src/quickfix.c
@@ -4743,7 +4743,7 @@ qf_fill_buffer(qf_list_T *qfl, buf_T *buf, qfline_T *old_last, int qf_winid)
}
// Check if there is anything to display
- if (qfl != NULL)
+ if (qfl != NULL && qfl->qf_start != NULL)
{
char_u dirname[MAXPATHL];
int invalid_val = FALSE;
diff --git a/src/testdir/test_quickfix.vim b/src/testdir/test_quickfix.vim
index cf803ca..27bed51 100644
--- a/src/testdir/test_quickfix.vim
+++ b/src/testdir/test_quickfix.vim
@@ -4090,6 +4090,22 @@ func Xgetlist_empty_tests(cchar)
endif
endfunc
+func Test_empty_list_quickfixtextfunc()
+ " This was crashing. Can only reproduce by running it in a separate Vim
+ " instance.
+ let lines =<< trim END
+ func s:Func(o)
+ cgetexpr '0'
+ endfunc
+ cope
+ let &quickfixtextfunc = 's:Func'
+ cgetfile [ex
+ END
+ call writefile(lines, 'Xquickfixtextfunc')
+ call RunVim([], [], '-e -s -S Xquickfixtextfunc -c qa')
+ call delete('Xquickfixtextfunc')
+endfunc
+
func Test_getqflist()
call Xgetlist_empty_tests('c')
call Xgetlist_empty_tests('l')
--
2.33.0

9
vim.spec
View File

@ -12,7 +12,7 @@
Name: vim Name: vim
Epoch: 2 Epoch: 2
Version: 9.0 Version: 9.0
Release: 10 Release: 11
Summary: Vim is a highly configurable text editor for efficiently creating and changing any kind of text. Summary: Vim is a highly configurable text editor for efficiently creating and changing any kind of text.
License: Vim and MIT License: Vim and MIT
URL: http://www.vim.org URL: http://www.vim.org
@ -59,6 +59,7 @@ Patch6028: backport-CVE-2022-2946.patch
Patch6029: backport-CVE-2022-2980.patch Patch6029: backport-CVE-2022-2980.patch
Patch6030: backport-CVE-2022-2982.patch Patch6030: backport-CVE-2022-2982.patch
Patch6031: backport-CVE-2022-3016.patch Patch6031: backport-CVE-2022-3016.patch
Patch6032: backport-CVE-2022-3037.patch
Patch9000: bugfix-rm-modify-info-version.patch Patch9000: bugfix-rm-modify-info-version.patch
@ -457,6 +458,12 @@ LC_ALL=en_US.UTF-8 make -j1 test
%{_mandir}/man1/evim.* %{_mandir}/man1/evim.*
%changelog %changelog
* Wed Aug 31 2022 yinyongkang <yinyongkang@kylinos.cn> - 2:9.0-11
- Type:CVE
- ID:CVE-2022-3037
- SUG:NA
- DESC:fix CVE-2022-3037
* Mon Aug 29 2022 shixuantong <shixuantong@h-partners.com> - 2:9.0-10 * Mon Aug 29 2022 shixuantong <shixuantong@h-partners.com> - 2:9.0-10
- Type:CVE - Type:CVE
- ID:CVE-2022-3016 - ID:CVE-2022-3016