mirrors/neovim
1
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2025-09-28 22:18:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

vim-patch:9.1.0254: [security]: Heap buffer overflow when calling complete_add() in 'cfu'

Browse Source 
Problem:  [security]: Heap buffer overflow when calling complete_add()
          in the first call of 'completefunc'
Solution: Call check_cursor() after calling 'completefunc' (zeertzjq)

closes: vim/vim#14391

0a419e07a7
This commit is contained in:
zeertzjq
2024-04-03 05:53:08 +08:00
parent a941207523
commit aeabd8e245
2 changed files with 25 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/nvim/insexpand.c
View File

@@ -2435,7 +2435,8 @@ static void expand_by_function(int type, char *base)
}
textlock--;
curwin->w_cursor = pos; // restore the cursor position
curwin->w_cursor = pos; // restore the cursor position
check_cursor(curwin); // make sure cursor position is valid, just in case
validate_cursor(curwin);
if (!equalpos(curwin->w_cursor, pos)) {
emsg(_(e_compldel));
@@ -4059,6 +4060,7 @@ static int get_userdefined_compl_info(colnr_T curs_col)
State = save_State;
curwin->w_cursor = pos; // restore the cursor position
check_cursor(curwin); // make sure cursor position is valid, just in case
validate_cursor(curwin);
if (!equalpos(curwin->w_cursor, pos)) {
emsg(_(e_compldel));