mirrors/neovim
1
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2026-03-28 03:12:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
a416494e648b18a41fd5d1cdcf04ef0e05c15926
neovim/src
History
zeertzjq a416494e64 vim-patch:9.2.0078: [security]: stack-buffer-overflow in build_stl_str_hl() (#38102) 
Problem:  A stack-buffer-overflow occurs when rendering a statusline
          with a multi-byte fill character on a very wide terminal.
          The size check in build_stl_str_hl() uses the cell width
          rather than the byte length, allowing the subsequent fill
          loop to write beyond the 4096-byte MAXPATHL buffer
          (ehdgks0627, un3xploitable).
Solution: Update the size check to account for the byte length of
          the fill character (using MB_CHAR2LEN).

Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-gmqx-prf2-8mwf

4e5b9e31cb

Co-authored-by: Christian Brabandt <cb@256bit.org>
2026-02-28 09:22:41 +08:00
..
cjson
feat(stdlib): vim.json.decode() can allow comments #37795
2026-02-11 06:54:57 -05:00
gen
fix(help): better align local-additions #38097
2026-02-27 17:50:51 -05:00
klib
refactor: move StringBuilder to types_defs.h (#33745)
2025-05-01 10:06:08 -05:00
man
feat(logging): rename ".nvimlog" => "nvim.log" #37935
2026-02-18 11:58:34 -05:00
mpack
fix(mpack): remove invalid bool definition
2025-01-27 16:57:23 +01:00
nvim
vim-patch:9.2.0078: [security]: stack-buffer-overflow in build_stl_str_hl() (#38102)
2026-02-28 09:22:41 +08:00
tee
fix(install): only install "tee" on Windows #36629
2025-11-19 21:00:56 -08:00
xdiff
refactor: the long goodbye
2023-11-05 20:19:06 +01:00
xxd
build(windows): vendor xxd.c #36746
2025-11-29 23:15:47 -05:00
.luarc.json
build: move all generator scripts to src/gen/
2025-02-26 16:54:37 +00:00
.valgrind.supp
refactor: rename "process" => "proc" #30387
2024-09-15 12:20:58 -07:00
bit.c
build: bump lua-bitop to 1.0.3 #35063
2025-08-02 15:58:11 -07:00
bit.h
feat(lua): make sure require'bit' always works, even with PUC lua 5.1
2023-02-22 22:15:19 +01:00
build_lua.zig
feat(build.zig): add option to use system dependencies
2026-01-13 22:09:03 -05:00
clint.lua
docs: misc, editorconfig
2025-12-15 13:55:15 -05:00
coverity-model.c
refactor(treesitter): handle coverity warnings better
2024-03-20 12:22:54 +00:00
nlua0.c
refactor(build): include lpeg as a library
2023-04-27 11:40:00 +02:00
nlua0.zig
build: make build.zig generate helptags without running "nvim" binary
2025-08-19 11:14:02 +02:00
uncrustify.cfg
refactor: clint.py => clint.lua
2025-12-08 01:43:02 -05:00