vim-patch:9.1.0689: [security]: buffer-overflow in do_search() with 'rightleft'

Browse Source

Problem:  buffer-overflow in do_search() with 'rightleft'
          (SuyueGuo)
Solution: after reversing the text (which allocates a new buffer),
          re-calculate the text length

Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-v2x2-cjcg-f9jm

cacb6693c1

Add missing change from patch 8.1.1270.
Omit `call delete('Untitled')`: moved again in patch 9.1.0695.

Co-authored-by: Christian Brabandt <cb@256bit.org>
(cherry picked from commit 69a9a25fcc)

...

This commit is contained in:

zeertzjq

2025-10-02 07:50:00 +08:00

committed by github-actions[bot]

parent dd79bc8360

commit 8634a46165

3 changed files with 10 additions and 1 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

BIN

test/old/testdir/crash/reverse_text_overflow Normal file

Binary file not shown.