mirrors/neovim
1
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2025-10-15 22:36:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

vim-patch:9.1.0678: [security]: use-after-free in alist_add()

Browse Source 
Problem:  [security]: use-after-free in alist_add()
          (SuyueGuo)
Solution: Lock the current window, so that the reference to
          the argument list remains valid.

This fixes CVE-2024-43374

0a6e57b09b

Co-authored-by: Christian Brabandt <cb@256bit.org>
This commit is contained in:
zeertzjq
2024-08-16 09:00:50 +08:00
parent 8b8096500d
commit b3d291c565
6 changed files with 50 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/nvim/buffer_defs.h
View File

@@ -1045,7 +1045,7 @@ struct window_S {
win_T *w_prev; ///< link to previous window
win_T *w_next; ///< link to next window
bool w_closing; ///< window is being closed, don't let
bool w_locked; ///< window is being closed, don't let
///< autocommands close it too.
frame_T *w_frame; ///< frame containing this window