vim-patch:9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft'

mirror of https://github.com/neovim/neovim.git synced 2025-10-04 00:46:30 +00:00

Problem:  buffer-overflow in do_search() with 'rightleft'
          (SuyueGuo)
Solution: after reversing the text (which allocates a new buffer),
          re-calculate the text length

Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-v2x2-cjcg-f9jm

cacb6693c1

Add missing change from patch 8.1.1270.
Omit `call delete('Untitled')`: moved again in patch 9.1.0695.

Co-authored-by: Christian Brabandt <cb@256bit.org>

This commit is contained in:

zeertzjq

2025-10-02 07:50:00 +08:00

parent 43f7434bd5

commit 69a9a25fcc

3 changed files with 10 additions and 1 deletions

BIN
test/old/testdir/crash/reverse_text_overflow Normal file

View File

Binary file not shown.

vim-patch:9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft'

BIN test/old/testdir/crash/reverse_text_overflow Normal file View File

BIN
test/old/testdir/crash/reverse_text_overflow Normal file

View File