patch 9.1.0707: [security]: invalid cursor position may cause a crash

Problem:  [security]: invalid cursor position may cause a crash
          (after v9.1.0038)
Solution: Set cursor to the last character in a line, if it would
          otherwise point to beyond the line; no tests added, as it
          is unclear how to reproduce this.

Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh

Co-authored-by: zeertzjq <zeertzjq@outlook.com>
Signed-off-by: zeertzjq <zeertzjq@outlook.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>
This commit is contained in:
Christian Brabandt
2024-08-31 17:58:16 +02:00
parent 75ba87ba62
commit 396fd1ec29
2 changed files with 5 additions and 0 deletions

View File

@ -1678,6 +1678,9 @@ getvcol(
} }
clear_chartabsize_arg(&cts); clear_chartabsize_arg(&cts);
if (*ptr == NUL && pos->col < MAXCOL && pos->col > ptr - line)
pos->col = ptr - line;
if (start != NULL) if (start != NULL)
*start = vcol + head; *start = vcol + head;
if (end != NULL) if (end != NULL)

View File

@ -704,6 +704,8 @@ static char *(features[]) =
static int included_patches[] = static int included_patches[] =
{ /* Add new patch number below this line */ { /* Add new patch number below this line */
/**/
707,
/**/ /**/
706, 706,
/**/ /**/