Patch 8.2.3247
2 views
Skip to first unread message
Bram Moolenaar
Jul 29, 2021, 3:26:30 PM7/29/21
to vim...@googlegroups.com
Patch 8.2.3247
Problem: Using uninitialized memory when checking for crypt method.
Solution: Check the header length before using the salt and seed.
Files: src/fileio.c
*** ../vim-8.2.3246/src/fileio.c 2021-07-29 20:37:45.652199179 +0200
--- src/fileio.c 2021-07-29 21:21:22.658150211 +0200
***************
*** 2917,2931 ****
{
int header_len;
- curbuf->b_cryptstate = crypt_create_from_header(
- method, cryptkey, ptr);
- crypt_set_cm_option(curbuf, method);
-
- // Remove cryptmethod specific header from the text.
header_len = crypt_get_header_len(method);
if (*sizep <= header_len)
// invalid header, buffer can't be encrypted
return NULL;
*filesizep += header_len;
*sizep -= header_len;
mch_memmove(ptr, ptr + header_len, (size_t)*sizep);
--- 2917,2932 ----
{
int header_len;
header_len = crypt_get_header_len(method);
if (*sizep <= header_len)
// invalid header, buffer can't be encrypted
return NULL;
+
+ curbuf->b_cryptstate = crypt_create_from_header(
+ method, cryptkey, ptr);
+ crypt_set_cm_option(curbuf, method);
+
+ // Remove cryptmethod specific header from the text.
*filesizep += header_len;
*sizep -= header_len;
mch_memmove(ptr, ptr + header_len, (size_t)*sizep);
*** ../vim-8.2.3246/src/version.c 2021-07-29 21:11:26.815533418 +0200
--- src/version.c 2021-07-29 21:23:32.625850511 +0200
***************
*** 757,758 ****
--- 757,760 ----
{ /* Add new patch number below this line */
+ /**/
+ 3247,
/**/
--
Ten bugs in the hand is better than one as yet undetected.
/// Bram Moolenaar -- Br...@Moolenaar.net -- http://www.Moolenaar.net \\\
/// \\\
\\\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
Reply all
Reply to author
Forward
0 new messages