[vim/vim] CVE-2023-1264 fixed(patch-9.0.1392)，poc.dat still stuck (Issue #12151)

[code-Oct]

Steps to reproduce

1. download v9.0.1391.src.rpm and v9.0.1392.src.rpm
2. decompression source package and run ./configure && make
3. [root@localhost vim-9.0.1391]# ./src/vim -u NONE -i NONE -n -m -X -Z -e -s -S ../../poc.dat -c :qa!
   Segmentation fault (core dumped)
4. [root@localhost vim-9.0.1392]# ./src/vim -u NONE -i NONE -n -m -X -Z -e -s -S ../../poc.dat -c :qa!
   ...(stuck)

Expected behaviour

1. vim-9.0.1391 not fix CVE-2023-1264，will exist 'Segmentation fault (core dumped)' 2. vim-9.0.1392 already fixed CVE-2023-1392，should not appear 'Segmentation fault (core dumped)'

Version of Vim

vim-9.0.1391 and vim-90.01392

Environment

Ubuntu 18.04
bash-5.1.8

Logs and stack traces

No response

—
Reply to this email directly, view it on GitHub.
You are receiving this because you are subscribed to this thread.Message ID: <vim/vim/issues/12151@github.com>

[Bram Moolenaar]

Vim is not really stuck, it's waiting for input. It's difficult to get out though, because of using :open.
You can try pressing Esc, CTRL-C and pressing Enter.

—
Reply to this email directly, view it on GitHub.

You are receiving this because you are subscribed to this thread.Message ID: <vim/vim/issues/12151/1468478343@github.com>

[TheStoryEnd]

Vim is not really stuck, it's waiting for input. It's difficult to get out though, because of using :open. You can try pressing Esc, CTRL-C and pressing Enter.

Hello! brammool.
pressing Esc, CTRL-C and pressing Enter doesn't work. I'll have to kill the process to solve the problem.Is this phenomenon in line with expectations?

—
Reply to this email directly, view it on GitHub.

You are receiving this because you are subscribed to this thread.Message ID: <vim/vim/issues/12151/1469664591@github.com>

[Bram Moolenaar]

> > Vim is not really stuck, it's waiting for input. It's difficult to
> > get out though, because of using :open. You can try pressing Esc,
> > CTRL-C and pressing Enter.
>
> Hello! brammool.
> pressing Esc, CTRL-C and pressing Enter doesn't work. I'll have to
> kill the process to solve the problem.Is this phenomenon in line with
> expectations?

Considering that Vim was started in Ex silent mode, and then a global
command using :open was used, this behavior can be expected.
I don't consider this much of a problem, a user would not normally start
Vim this way.

--
We're knights of the round table
We dance whene'er we're able
We do routines and chorus scenes
With footwork impeccable.
We dine well here in Camelot
We eat ham and jam and spam a lot.
"Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD

/// Bram Moolenaar -- ***@***.*** -- http://www.Moolenaar.net \\\
/// \\\
\\\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///

—
Reply to this email directly, view it on GitHub.

You are receiving this because you are subscribed to this thread.Message ID: <vim/vim/issues/12151/1470426369@github.com>

[turkeyRD]

Vim is not really stuck, it's waiting for input. It's difficult to get out though, because of using :open.
You can try pressing Esc, CTRL-C and pressing Enter.

Oh, Brammool, you're right. It really didn't stuck and I was able to type anything.

Vim is not really stuck, it's waiting for input. It's difficult to > get out though, because of using :open. You can try pressing Esc, > CTRL-C and pressing Enter. Hello! brammool. pressing Esc, CTRL-C and pressing Enter doesn't work. I'll have to kill the process to solve the problem.Is this phenomenon in line with expectations?
Considering that Vim was started in Ex silent mode, and then a global command using :open was used, this behavior can be expected. I don't consider this much of a problem, a user would not normally start Vim this way.
…

-- We're knights of the round table We dance whene'er we're able We do routines and chorus scenes With footwork impeccable. We dine well here in Camelot We eat ham and jam and spam a lot. "Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD /// Bram Moolenaar -- @.*** -- http://www.Moolenaar.net \\ /// \\ \\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ /// \\ help me help AIDS victims -- http://ICCF-Holland.org ///

Inspired by your said, I found that when type Esc and :q! or Ctrl+c and :q!, it exits normally and no longer triggers Segmentation fault (core dump).
My Brammool, is this normal situation and does it mean that the bug has been successfully fixed?

fover@fover:~/vim-cve/cve-2023-1264/vim-9.0.1392$ ./src/vim -u NONE -i NONE -n -m -X -Z -e -s -S ../poc.dat -c :qa!
^[
:q!
fover@fover:~/vim-cve/cve-2023-1264/vim-9.0.1392$ 
fover@fover:~/vim-cve/cve-2023-1264/vim-9.0.1392$ ./src/vim -u NONE -i NONE -n -m -X -Z -e -s -S ../poc.dat -c :qa!
^C
:q!
fover@fover:~/vim-cve/cve-2023-1264/vim-9.0.1392$

Looking forward to your reply, thank you.

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <vim/vim/issues/12151/1471856580@github.com>

[turkeyRD]

thanks，i can close Vim by 'ESC and :q!' or 'CTRL+C and :q!'

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <vim/vim/issues/12151/1475471806@github.com>

[turkeyRD]

Closed #12151 as completed.

—
Reply to this email directly, view it on GitHub.

You are receiving this because you are subscribed to this thread.Message ID: <vim/vim/issue/12151/issue_event/8789231788@github.com>