!246 fix CVE-2022-2124

From: @lauk001 
Reviewed-by: @xiezhipeng1 
Signed-off-by: @xiezhipeng1

backport-CVE-2022-2124.patch

@@ -0,0 +1,35 @@
+From e4463991b2c9243ae93462118b6d6f648852bb0c Mon Sep 17 00:00:00 2001
+From: lauk001 <liukuo@kylinos.cn>
+Date: Tue, 21 Jun 2022 13:43:57 +0800
+Subject: [PATCH] CVE-2022-2124
+
+Signed-off-by: lauk001 <liukuo@kylinos.cn>
+---
+ src/search.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/search.c b/src/search.c
+index 75f0c59..87acb33 100644
+--- a/src/search.c
++++ b/src/search.c
+@@ -4589,11 +4589,17 @@ current_quote(
+ 
+ 	// Find out if we have a quote in the selection.
+ 	while (i <= col_end)
++	{
++	    // check for going over the end of the line, which can happen if
++	    // the line was changed after the Visual area was selected.
++	    if (line[i] == NUL)
++		break;
+ 	    if (line[i++] == quotechar)
+ 	    {
+ 		selected_quote = TRUE;
+ 		break;
+ 	    }
++	}
+     }
+ 
+     if (!vis_empty && line[col_start] == quotechar)
+-- 
+2.33.0
+

vim.spec

@@ -12,7 +12,7 @@
 Name:           vim
 Epoch:          2
 Version:        8.2
-Release:        38
+Release:        39
 Summary:        Vim is a highly configurable text editor for efficiently creating and changing any kind of text.
 License:        Vim and MIT
 URL:            http://www.vim.org
@@ -109,6 +109,7 @@ Patch6072:      backport-CVE-2022-1619.patch
 Patch6073:      backport-CVE-2022-1733.patch
 Patch6074:      backport-CVE-2022-1735.patch
 Patch6075:      backport-CVE-2022-1771.patch
+Patch6076:      backport-CVE-2022-2124.patch
 
 Patch9000:      bugfix-rm-modify-info-version.patch
 
@@ -497,6 +498,12 @@ popd
 %{_mandir}/man1/evim.*
 
 %changelog
+* Thu Jun 23 2022 liukuo <liukuo@kylinos.cn> - 2:8.2-39
+- Type:CVE
+- ID:CVE-2022-2124
+- SUG:NA
+- DESC:fix CVE-2022-2124
+
 * Tue Jun 21 2022 dongyuzhen <dongyuzhen@h-partners.com> - 2:8.2-38
 - Type:CVE
 - ID:CVE-2022-1771