From 6da6a111917f781613f1147fdb96a86ad060afc8 Mon Sep 17 00:00:00 2001 From: Penglai Code Date: Wed, 1 Jul 2026 17:01:34 +0800 Subject: [PATCH] fix: CVE-2023-4735: Out-of-bounds Write in GitHub repository vim/vim prior... CVE: CVE-2023-4735 Issue: CVE-2023-4735 Assisted-by: qwen3.7-max Signed-off-by: Penglai Code --- ...2023-4735-out-of-bounds-write-github.patch | 21 +++++++++++++++++++ vim.spec | 10 ++++++++- 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 CVE-2023-4735-CVE-2023-4735-out-of-bounds-write-github.patch diff --git a/CVE-2023-4735-CVE-2023-4735-out-of-bounds-write-github.patch b/CVE-2023-4735-CVE-2023-4735-out-of-bounds-write-github.patch new file mode 100644 index 0000000..1d6754a --- /dev/null +++ b/CVE-2023-4735-CVE-2023-4735-out-of-bounds-write-github.patch @@ -0,0 +1,21 @@ +From: Penglai Code +Subject: [PATCH] CVE-2023-4735: Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. + +CVE: CVE-2023-4735 +Upstream: NVD/CVE references (commit) +Reference: https://github.com/vim/vim/commit/889f6af37164775192e33b233a90e86fd3df0f57 +Bug: CVE-2023-4735 + +--- + +--- a/src/ops.c ++++ b/src/ops.c +@@ -2919,7 +2919,7 @@ + for (bit = bits; bit > 0; bit--) + if ((n >> (bit - 1)) & 0x1) break; + +- for (i = 0; bit > 0; bit--) ++ for (i = 0; bit > 0 && i < (NUMBUFLEN - 1); bit--) + buf2[i++] = ((n >> (bit - 1)) & 0x1) ? '1' : '0'; + + buf2[i] = '\0'; diff --git a/vim.spec b/vim.spec index f2bbbf5..aa07659 100644 --- a/vim.spec +++ b/vim.spec @@ -1,4 +1,4 @@ -%define anolis_release 1 +%define anolis_release 2 %bcond_without gui %bcond_with default_editor @@ -56,6 +56,10 @@ Source12: view_wrapper Source13: vi_wrapper Patch0001: 0001-vim-8.0-copy-paste.patch +# CVE-2023-4735 +# Upstream: NVD/CVE references (commit) +# Reference: https://github.com/vim/vim/commit/889f6af37164775192e33b233a90e86fd3df0f57 +Patch2: CVE-2023-4735-CVE-2023-4735-out-of-bounds-write-github.patch BuildRequires: autoconf gcc glibc-gconv-extra make BuildRequires: gettext gpm-devel libacl-devel @@ -800,6 +804,10 @@ touch %{buildroot}/%{data_dir}/vimfiles/doc/tags %endif %changelog +* Wed Jul 01 2026 Penglai Code - %{baseversion}.%{patchlevel}-2 +- Fix CVE-2023-4735 (BZ#2023) + Upstream patch: https://github.com/vim/vim/commit/889f6af37164775192e33b233a90e86fd3df0f57 + * Mon Jul 10 2023 Funda Wang - 2:9.0.1677-1 - New patchlevel 9.0.1677 -- Gitee