Hi,
I installed Vim 8.0.5 on Ubuntu 16.04 using a PPA, following these instructions: http://tipsonubuntu.com/2016/09/13/vim-8-0-released-install-ubuntu-16-04/
Just for fun I tried to see what happens if a file begins with the same text as a Vim encrypted file. It was interesting to find out that Vim crashes.
To reproduce the problem:
1. I opened an empty file from the bash shell: vim test.txt
2. Typed letter I to enter insert mode.
3. Typed into file the following text: VimCrypt~03!abc
4. Save and quit: :wq
5. Open file: vim test.txt
6. Encryption key appears:
a) If I just press Enter (so without a password) then the file opens normally without a problem.
b) If I type in any dummy text for the password, like: test
then Vim crashes with the error:
Vim: Caught deadly signal SEGV
vi: malloc.c:3723: _int_malloc: Assertion `(unsigned long) (size) >= (unsigned long) (nb)' failed
Vim: Finished
Vim: Double signal, exiting
In my humble opinion a program should never crash, but should return some error or similar.
The same crash occurs if step 3 uses the text:
VimCrypt~02!abc
But there is no crash if step 3 uses the text:
VimCrypt~01!abc
I attached a file with the content from the command run from the bash shell: vim --version
P.S. Because Vim crashes with the "VimCrypt~02!abc" text, this crash is probably already in Vim 7.3+, when blowfish was first released in Vim. I haven't tested in any other version besides Vim 8.0.5.
vim_version.txt
Regards
—
This patch fixes it.
diff --git a/src/fileio.c b/src/fileio.c index ea1f338..193e4fd 100644 --- a/src/fileio.c +++ b/src/fileio.c @@ -3011,6 +3011,9 @@ check_for_cryptkey( /* Remove cryptmethod specific header from the text. */ header_len = crypt_get_header_len(method); + if (*sizep <= header_len) + /* buffer can't be encrypted */ + return NULL; *filesizep += header_len; *sizep -= header_len; mch_memmove(ptr, ptr + header_len, (size_t)*sizep);
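Review bot: the comparison in the added `if (*sizep <= header_len)` also rejects a buffer that is exactly header_len bytes long, so a file consisting of a complete header with an empty payload is now treated as not encrypted. If that case can be a legitimate encrypted file, `<` is the tighter bound; if not, the comment should say so, since "buffer can't be encrypted" does not explain the equality case. The early `return NULL` is also silent: a user who has just typed a key gets no message that the file was opened as plain text, so an error or warning here would help. As a style point, the `if` body is a comment plus a statement without braces, which is easy to misread on a later edit. A regression test using the short "VimCrypt~02!" and "VimCrypt~03!" files from the report would keep the negative length from reaching `mch_memmove` again.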
closed by 8.0.010
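The length check from the patch, as a stand-alone added example (not Vim's code and not part of the thread). The function names are hypothetical, and the header sizes used here (12 bytes for ~01, 12 + 8 + 8 bytes for ~02 and ~03) are assumptions of this example; under them the 16-byte test file is shorter than the ~02/~03 header but longer than the ~01 header.

```c
#include <stdio.h>
#include <string.h>

#define MAGIC_LEN 12  /* length of "VimCrypt~03!" as typed in step 3 */

/* Assumed header sizes for this example: magic only for ~01,
 * magic + 8-byte salt + 8-byte seed for ~02 and ~03. */
static long header_len_for(const char *buf, long size)
{
    if (size < MAGIC_LEN || memcmp(buf, "VimCrypt~0", 10) != 0 || buf[11] != '!')
        return -1;                      /* no magic: plain text */
    switch (buf[10]) {
    case '1': return MAGIC_LEN;
    case '2':
    case '3': return MAGIC_LEN + 8 + 8;
    default:  return -1;
    }
}

/* Strip the header in place. Returns the payload length, or -1 when the
 * buffer cannot be an encrypted file and is left untouched. */
long strip_crypt_header(char *buf, long size)
{
    long hlen = header_len_for(buf, size);

    if (hlen < 0 || size <= hlen)       /* same comparison as the patch */
        return -1;
    /* Without the check above, size - hlen would be negative here and the
     * cast to size_t would turn it into an enormous copy length. */
    memmove(buf, buf + hlen, (size_t)(size - hlen));
    return size - hlen;
}

int main(void)
{
    /* Constructed inputs: the three files from the report (text + newline). */
    const char *files[] = { "VimCrypt~01!abc\n", "VimCrypt~02!abc\n", "VimCrypt~03!abc\n" };
    for (int i = 0; i < 3; i++) {
        char buf[64];
        long n = (long)strlen(files[i]);
        memcpy(buf, files[i], (size_t)n);
        printf("%.12s size=%ld -> payload=%ld\n", files[i], n, strip_crypt_header(buf, n));
    }
    return 0;
}
```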
—
I have updated Vim to 8.0.13 on Ubuntu 16.04, retested all three tests and now Vim works fine without crashes. Thanks a lot for fixing this.