Heap buffer overflow when using the mkspell command


Yegappan Lakshmanan

Aug 24, 2020, 12:52:25 PM
to vim_dev
Hi,

When generating a spell file using the ":mkspell" command,
I am running into a heap buffer overflow (with the ASAN build):

To reproduce this problem, save the following content to
a file (x.vim):
-------------------------------------------------------------------------------------
call writefile(['1', 'work'], 'Xtest.dic')
call writefile(['SOFOFROM abcd', 'SOFOTO ABCD', 'SAL CIA X'], 'Xtest.aff')
mkspell! Xtest.spl Xtest
-------------------------------------------------------------------------------------  

Now run the command "vim --clean -N -u NONE -i NONE -S x.vim"

- Yegappan


Bram Moolenaar

Aug 24, 2020, 2:02:47 PM
to vim...@googlegroups.com, Yegappan Lakshmanan
I can also find it with valgrind.

Looks like we need to remember the length of the bytes buffer, so we can
avoid going over the end.


--
Ten bugs in the hand is better than one as yet undetected.

/// Bram Moolenaar -- Br...@Moolenaar.net -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
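
The idea in the reply above (keep the length of the bytes buffer next to the pointer and check it before every read), shown as an added example. This is not Vim's code and not from either poster; the packed-trie layout, trie_T, trie_lookup and sample_byts are hypothetical names and data made up for this sketch.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical packed trie (an assumption, not Vim's spell file format).
 * A node at offset i is laid out as:
 *   byts[i]              = n, the number of child keys
 *   byts[i+1 .. i+n]     = the n key bytes (0 marks "end of word")
 *   byts[i+n+1 .. i+2n]  = for each key, the offset of its child node
 * The length travels with the pointer so every read can be checked. */
typedef struct {
    const unsigned char *byts;
    size_t               len;
} trie_T;

/* Constructed sample: a trie holding the single word "ab". */
const unsigned char sample_byts[] = { 1, 'a', 3,   1, 'b', 6,   1, 0, 0 };

/* Returns 1 if word is in the trie, 0 if it is not, and -1 if the data
 * would make the walk read past the end of the buffer. */
int trie_lookup(const trie_T *t, const char *word)
{
    size_t i = 0;
    size_t wlen = strlen(word);

    for (size_t w = 0; w <= wlen; ++w) {
        unsigned char c = (unsigned char)word[w];  /* last pass: c == 0 */
        size_t n, k;

        if (i >= t->len)
            return -1;                 /* node offset is outside the buffer */
        n = t->byts[i];
        if (n > (t->len - i - 1) / 2)
            return -1;                 /* keys + offsets would overrun */
        for (k = 0; k < n && t->byts[i + 1 + k] != c; ++k)
            ;
        if (k == n)
            return 0;                  /* no such key: not a word */
        if (c == 0)
            return 1;                  /* end-of-word marker found */
        i = t->byts[i + 1 + n + k];    /* follow the child offset */
    }
    return 0;
}
```

Without the len field, a count byte or child offset taken from a malformed input file decides how far the walk reads, which is the class of heap over-read that ASAN and valgrind report.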