mirrors/neovim
1
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2026-05-01 11:34:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

vim-patch:9.1.0697: [security]: heap-buffer-overflow in ins_typebuf (#37372)

Browse Source 
Problem:  heap-buffer-overflow in ins_typebuf
          (SuyueGuo)
Solution: When flushing the typeahead buffer, validate that there
          is enough space left

Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh

322ba91086

Co-authored-by: Christian Brabandt <cb@256bit.org>
This commit is contained in:
Jan Edmund Lazo
2026-01-15 00:35:21 -05:00
committed by GitHub
parent 86c939ba91
commit 5042394241
3 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
test/old/testdir/test_crash.vim
View File

@@ -220,6 +220,13 @@ func Test_crash1_3()
call term_sendkeys(buf, args)
call TermWait(buf, 150)
let file = 'crash/heap_overflow3'
let cmn_args = "%s -u NONE -i NONE -n -X -m -n -e -s -S %s -c ':qa!'"
let args = printf(cmn_args, vim, file)
call term_sendkeys(buf, args)
call TermWait(buf, 150)
" clean up
exe buf .. "bw!"
bw!