Projects
openEuler:24.03:SP1:Everything
vim
_service:tar_scm:backport-CVE-2024-41957.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-CVE-2024-41957.patch of Package vim
From 8a0bbe7b8aad6f8da28dee218c01bc8a0185a2d5 Mon Sep 17 00:00:00 2001 From: Christian Brabandt <cb@256bit.org> Date: Thu, 1 Aug 2024 20:16:51 +0200 Subject: [PATCH] patch 9.1.0647: [security] use-after-free in tagstack_clear_entry Problem: [security] use-after-free in tagstack_clear_entry (Suyue Guo ) Solution: Instead of manually calling vim_free() on each of the tagstack entries, let's use tagstack_clear_entry(), which will also free the stack, but using the VIM_CLEAR macro, which prevents a use-after-free by setting those pointers to NULL This addresses CVE-2024-41957 Github advisory: https://github.com/vim/vim/security/advisories/GHSA-f9cr-gv85-hcr4 Signed-off-by: Christian Brabandt <cb@256bit.org> --- src/window.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/window.c b/src/window.c index 7ca29d46a..70c72bca7 100644 --- a/src/window.c +++ b/src/window.c @@ -5661,10 +5661,7 @@ win_free( win_free_lsize(wp); for (i = 0; i < wp->w_tagstacklen; ++i) - { - vim_free(wp->w_tagstack[i].tagname); - vim_free(wp->w_tagstack[i].user_data); - } + tagstack_clear_entry(&wp->w_tagstack[i]); vim_free(wp->w_localdir); vim_free(wp->w_prevdir); -- 2.33.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2