开源软件构建与测试

_service:tar_scm:vim.spec Changed

@@ -12,7 +12,7 @@
 Name:           vim
 Epoch:          2
 Version:        9.0
-Release:        28
+Release:        31
 Summary:        Vim is a highly configurable text editor for efficiently creating and changing any kind of text.
 License:        Vim and MIT
 URL:            http://www.vim.org
@@ -90,6 +90,10 @@
 Patch6060:      backport-CVE-2023-0433.patch
 Patch6061:      backport-patch-9.0.0024-may-access-part-of-typeahead-buf-that-is-not-filled.patch
 Patch6062:      backport-patch-9.0.1331-illegal-memory-access-when-using-ball-in-Visual-mode.patch
+Patch6063:      backport-CVE-2023-1170.patch
+Patch6064:      backport-CVE-2023-1175.patch
+Patch6065:      backport-CVE-2023-1264.patch
+Patch6066:      backport-vim-7.0-rclocation.patch
 
 Patch9000:      bugfix-rm-modify-info-version.patch
 
@@ -497,6 +501,24 @@
 %{_mandir}/man1/evim.*
 
 %changelog
+* Fri Mar 24 2023 wangjiang <wangjiang37@h-partners.com> - 2:9.0-31
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:vim reads /etc/vimrc at startup
+
+* Fri Mar 17 2023 wangjiang <wangjiang37@h-partners.com> - 2:9.0-30
+- Type:CVE
+- ID:CVE-2023-1264
+- SUG:NA
+- DESC:CVE-2023-1264
+
+* Wed Mar 08 2023 wangjiang <wangjiang37@h-partners.com> - 2:9.0-29
+- Type:CVE
+- ID:CVE-2023-1170 CVE-2023-1175
+- SUG:NA
+- DESC:CVE-2023-1170 CVE-2023-1175
+
 * Wed Feb 22 2023 wangjiang <wangjiang37@h-partners.com> - 2:9.0-28
 - Type:bugfix
 - ID:NA

_service:tar_scm:backport-CVE-2023-1170.patch Added

@@ -0,0 +1,63 @@
+From 1c73b65229c25e3c1fd8824ba958f7cc4d604f9c Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Fri, 3 Mar 2023 21:11:52 +0000
+Subject: PATCH patch 9.0.1376: accessing invalid memory with put in Visual
+ block mode
+
+Problem:    Accessing invalid memory with put in Visual block mode.
+Solution:   Adjust the cursor column if needed.
+---
+ src/register.c           | 11 ++++++++++-
+ src/testdir/test_put.vim | 11 +++++++++++
+ 2 files changed, 21 insertions(+), 1 deletion(-)
+
+diff --git a/src/register.c b/src/register.c
+index 4dc0a68fd7a4..461363be378d 100644
+--- a/src/register.c
++++ b/src/register.c
+@@ -1913,7 +1913,7 @@ do_put(
+ 		ptr += yanklen;
+ 
+ 		// insert block's trailing spaces only if there's text behind
+-		if ((j < count - 1 || !shortline) && spaces)
++		if ((j < count - 1 || !shortline) && spaces > 0)
+ 		{
+ 		    vim_memset(ptr, ' ', (size_t)spaces);
+ 		    ptr += spaces;
+@@ -2274,6 +2274,15 @@ do_put(
+     msgmore(nr_lines);
+     curwin->w_set_curswant = TRUE;
+ 
++    // Make sure the cursor is not after the NUL.
++    int len = (int)STRLEN(ml_get_curline());
++    if (curwin->w_cursor.col > len)
++    {
++	if (cur_ve_flags == VE_ALL)
++	    curwin->w_cursor.coladd = curwin->w_cursor.col - len;
++	curwin->w_cursor.col = len;
++    }
++
+ end:
+     if (cmdmod.cmod_flags & CMOD_LOCKMARKS)
+     {
+diff --git a/src/testdir/test_put.vim b/src/testdir/test_put.vim
+index 66438bd3f69c..a6cea74efb6c 100644
+--- a/src/testdir/test_put.vim
++++ b/src/testdir/test_put.vim
+@@ -231,5 +231,16 @@ func Test_put_visual_mode()
+   set selection&
+ endfunc
+ 
++func Test_put_visual_block_mode()
++  enew
++  exe "norm 0R\<CR>\<C-C>V"
++  sil exe "norm \<C-V>c	\<MiddleDrag>"
++  set ve=all
++  sil norm vz=p
++
++  bwipe!
++  set ve=
++endfunc
++
+ 
+ " vim: shiftwidth=2 sts=2 expandtab

_service:tar_scm:backport-CVE-2023-1175.patch Added

@@ -0,0 +1,47 @@
+From c99cbf8f289bdda5d4a77d7ec415850a520330ba Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Sat, 4 Mar 2023 14:13:10 +0000
+Subject: PATCH patch 9.0.1378: illegal memory access when using virtual
+ editing
+
+Problem:    Illegal memory access when using virtual editing.
+Solution:   Make sure "startspaces" is not negative.
+---
+ src/register.c                   |  2 ++
+ src/testdir/test_virtualedit.vim | 10 ++++++++++
+ 2 files changed, 12 insertions(+)
+
+diff --git a/src/register.c b/src/register.c
+index 461363be378d..f3df79cfd642 100644
+--- a/src/register.c
++++ b/src/register.c
+@@ -1247,6 +1247,8 @@ op_yank(oparg_T *oap, int deleting, int mess)
+ 				// double-count it.
+ 				bd.startspaces = (ce - cs + 1)
+ 							  - oap->start.coladd;
++				if (bd.startspaces < 0)
++				    bd.startspaces = 0;
+ 				startcol++;
+ 			    }
+ 			}
+diff --git a/src/testdir/test_virtualedit.vim b/src/testdir/test_virtualedit.vim
+index 71cea427bac1..edaae678609d 100644
+--- a/src/testdir/test_virtualedit.vim
++++ b/src/testdir/test_virtualedit.vim
+@@ -88,6 +88,16 @@ func Test_edit_change()
+   set virtualedit=
+ endfunc
+ 
++func Test_edit_special_char()
++  new
++  se ve=all
++  norm a&#x16;0
++  sil! exe "norm o00000\<Nul>k<a0s"
++
++  bwipe!
++  set virtualedit=
++endfunc
++
+ " Tests for pasting at the beginning, end and middle of a tab character
+ " in virtual edit mode.
+ func Test_paste_in_tab()

_service:tar_scm:backport-CVE-2023-1264.patch Added

@@ -0,0 +1,137 @@
+From 7ac5023a5f1a37baafbe1043645f97ba3443d9f6 Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Tue, 7 Mar 2023 21:05:04 +0000
+Subject: PATCH patch 9.0.1392: using NULL pointer with nested :open command
+
+Problem:    Using NULL pointer with nested :open command.
+Solution:   Check that ccline.cmdbuff is not NULL.
+---
+ src/getchar.c                | 17 ++++++++++-------
+ src/testdir/term_util.vim    |  5 +++++
+ src/testdir/test_ex_mode.vim | 22 ++++++++++++++++++++++
+ 3 files changed, 37 insertions(+), 7 deletions(-)
+
+diff --git a/src/getchar.c b/src/getchar.c
+index 6645be8a0ebd..dac57eb26c61 100644
+--- a/src/getchar.c
++++ b/src/getchar.c
+@@ -3019,7 +3019,7 @@ check_end_reg_executing(int advance)
+     static int
+ vgetorpeek(int advance)
+ {
+-    int		c, c1;
++    int		c;
+     int		timedout = FALSE;	// waited for more than 1 second
+ 					// for mapping to complete
+     int		mapdepth = 0;		// check for recursive mapping
+@@ -3386,7 +3386,7 @@ vgetorpeek(int advance)
+ #ifdef FEAT_CMDL_INFO
+ 		showcmd_idx = 0;
+ #endif
+-		c1 = 0;
++		int showing_partial = FALSE;
+ 		if (typebuf.tb_len > 0 && advance && !exmode_active)
+ 		{
+ 		    if (((State & (MODE_NORMAL | MODE_INSERT))
+@@ -3401,7 +3401,7 @@ vgetorpeek(int advance)
+ 			    edit_putchar(typebuf.tb_buftypebuf.tb_off
+ 						+ typebuf.tb_len - 1, FALSE);
+ 			    setcursor(); // put cursor back where it belongs
+-			    c1 = 1;
++			    showing_partial = TRUE;
+ 			}
+ #ifdef FEAT_CMDL_INFO
+ 			// need to use the col and row from above here
+@@ -3420,8 +3420,10 @@ vgetorpeek(int advance)
+ #endif
+ 		    }
+ 
+-		    // this looks nice when typing a dead character map
++		    // This looks nice when typing a dead character map.
++		    // There is no actual command line for get_number().
+ 		    if ((State & MODE_CMDLINE)
++                            && get_cmdline_info()->cmdbuff != NULL
+ #if defined(FEAT_CRYPT) || defined(FEAT_EVAL)
+ 			    && cmdline_star == 0
+ #endif
+@@ -3430,7 +3432,7 @@ vgetorpeek(int advance)
+ 		    {
+ 			putcmdline(typebuf.tb_buftypebuf.tb_off
+ 						+ typebuf.tb_len - 1, FALSE);
+-			c1 = 1;
++			showing_partial = TRUE;
+ 		    }
+ 		}
+ 
+@@ -3466,11 +3468,12 @@ vgetorpeek(int advance)
+ 		if (showcmd_idx != 0)
+ 		    pop_showcmd();
+ #endif
+-		if (c1 == 1)
++                if (showing_partial)	
+ 		{
+ 		    if (State & MODE_INSERT)
+ 			edit_unputchar();
+-		    if (State & MODE_CMDLINE)
++		    if ((State & MODE_CMDLINE)
++					&& get_cmdline_info()->cmdbuff != NULL)
+ 			unputcmdline();
+ 		    else
+ 			setcursor();	// put cursor back where it belongs
+diff --git a/src/testdir/term_util.vim b/src/testdir/term_util.vim
+index 0f0373184505..88e2b33d083b 100644
+--- a/src/testdir/term_util.vim
++++ b/src/testdir/term_util.vim
+@@ -55,6 +55,7 @@ endfunc
+ " "cols" - width of the terminal window (max. 78)
+ " "statusoff" - number of lines the status is offset from default
+ " "wait_for_ruler" - if zero then don't wait for ruler to show
++" "no_clean" - if non-zero then remove "--clean" from the command
+ func RunVimInTerminal(arguments, options)
+   " If Vim doesn't exit a swap file remains, causing other tests to fail.
+   " Remove it here.
+@@ -91,6 +92,10 @@ func RunVimInTerminal(arguments, options)
+ 
+   let cmd = GetVimCommandCleanTerm() .. reset_u7 .. a:arguments
+ 
++  if get(a:options, 'no_clean', 0)
++    let cmd = substitute(cmd, '--clean', '', '')
++  endif
++
+   let options = #{curwin: 1}
+   if &termwinsize == ''
+     let options.term_rows = rows
+diff --git a/src/testdir/test_ex_mode.vim b/src/testdir/test_ex_mode.vim
+index a6602227638a..d03ec8f2d81d 100644
+--- a/src/testdir/test_ex_mode.vim
++++ b/src/testdir/test_ex_mode.vim
+@@ -134,6 +134,28 @@ func Test_open_command_flush_line()
+   bwipe!
+ endfunc
+ 
++" FIXME: this doesn't fail without the fix but hangs
++func Skip_Test_open_command_state()
++  " Tricky script that failed because State was not set properly
++  let lines =<< trim END
++      !ls 
++      0scìi
++      so! Xsourced
++      set t_û0=0
++      v/-/o
++  END
++  call writefile(lines, 'XopenScript', '')
++
++  let sourced = "!f\u0083\x02\<Esc>z=0"
++  call writefile(sourced, 'Xsourced', 'b')
++
++  CheckRunVimInTerminal
++  let buf = RunVimInTerminal('-u NONE -i NONE -n -m -X -Z -e -s -S XopenScript -c qa!', #{rows: 6, wait_for_ruler: 0, no_clean: 1})
++  sleep 3
++
++  call StopVimInTerminal(buf)
++endfunc
++
+ " Test for :g/pat/visual to run vi commands in Ex mode
+ " This used to hang Vim before 8.2.0274.
+ func Test_Ex_global()
+

_service:tar_scm:backport-vim-7.0-rclocation.patch Added

Changes of Revision 10