diff --git a/backport-patch-improve-the-error-detection.patch b/backport-patch-improve-the-error-detection.patch new file mode 100644 index 0000000000000000000000000000000000000000..dff000bff98eb91c0f0a3844c7ae4baef0b18240 --- /dev/null +++ b/backport-patch-improve-the-error-detection.patch @@ -0,0 +1,71 @@ +From 3d37231437fc0f761664a7cabc8f7b927b468767 Mon Sep 17 00:00:00 2001 +From: Christian Brabandt +Date: Sun, 5 Nov 2023 17:44:05 +0100 +Subject: [PATCH] runtime(tar): improve the error detection + +Do not rely on the fact, that the last line matches warning, error, +inappropriate or unrecognized to determine if an error occurred. It +could also be a file, contains such a keyword. + +So make the error detection slightly more strict and only assume an +error occured, if in addition to those 4 keywords, also a space matches +(this assumes the error message contains a space), which luckily on Unix +not many files match by default. + +The whole if condition seems however slightly dubious. In case an error +happened, this would probably already be caught in the previous if +statement, since this checks for the return code of the tar program. + +There may however be tar implementations, that do not set the exit code +for some kind of error (but print an error message)? But let's keep this +check for now, not many people have noticed this behaviour until now, so +it seems to work reasonably well anyhow. + +related: #6425 +fixes: #13489 +Signed-off-by: Christian Brabandt +--- + runtime/autoload/tar.vim | 17 +++++++++++++---- + 1 file changed, 13 insertions(+), 4 deletions(-) + +diff --git a/runtime/autoload/tar.vim b/runtime/autoload/tar.vim +index e495e8262a93f..52369a42c1c1b 100644 +--- a/runtime/autoload/tar.vim ++++ b/runtime/autoload/tar.vim +@@ -1,7 +1,7 @@ + " tar.vim: Handles browsing tarfiles + " AUTOLOAD PORTION +-" Date: Jan 07, 2020 +-" Version: 32 ++" Date: Nov 05, 2023 ++" Version: 32a (with modifications from the Vim Project) + " Maintainer: Charles E Campbell + " License: Vim License (see vim's :help license) + " +@@ -22,7 +22,7 @@ + if &cp || exists("g:loaded_tar") + finish + endif +-let g:loaded_tar= "v32" ++let g:loaded_tar= "v32a" + if v:version < 702 + echohl WarningMsg + echo "***warning*** this version of tar needs vim 7.2" +@@ -208,7 +208,16 @@ fun! tar#Browse(tarfile) + " call Dret("tar#Browse : a:tarfile<".a:tarfile.">") + return + endif +- if line("$") == curlast || ( line("$") == (curlast + 1) && getline("$") =~# '\c\%(warning\|error\|inappropriate\|unrecognized\)') ++ " If there was an error message, the last line probably matches some keywords but ++ " should also contain whitespace for readability. Make sure not to match a ++ " filename that contains the keyword (error/warning/unrecognized/inappropriate, etc) ++ " ++ " FIXME:is this actually necessary? In case of an error, we should probably ++ " have noticed in the if statement above since tar should have exited ++ " with a non-zero exit code. ++ if line("$") == curlast || ( line("$") == (curlast + 1) && ++ \ getline("$") =~# '\c\<\%(warning\|error\|inappropriate\|unrecognized\)\>' && ++ \ getline("$") =~ '\s' ) + redraw! + echohl WarningMsg | echo "***warning*** (tar#Browse) ".a:tarfile." doesn't appear to be a tar file" | echohl None + keepj sil! %d diff --git a/vim.spec b/vim.spec index ff8baad1820cd0e5864c302d89bec2652362392d..cdf10ec78311c3df3f5642e45e5eb1d4ab1a33fb 100644 --- a/vim.spec +++ b/vim.spec @@ -12,7 +12,7 @@ Name: vim Epoch: 2 Version: 9.0 -Release: 19 +Release: 20 Summary: Vim is a highly configurable text editor for efficiently creating and changing any kind of text. License: Vim and MIT URL: http://www.vim.org @@ -110,6 +110,7 @@ Patch6080: backport-CVE-2023-5344.patch Patch6081: backport-CVE-2023-5441.patch Patch6082: backport-CVE-2023-5535.patch Patch6083: backport-CVE-2023-46246.patch +Patch6084: backport-patch-improve-the-error-detection.patch Patch9000: bugfix-rm-modify-info-version.patch @@ -519,6 +520,12 @@ LC_ALL=en_US.UTF-8 make -j1 test %{_mandir}/man1/evim.* %changelog +* Mon Nov 06 2023 wangjiang - 2:9.0-20 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:fix garbled characters display with keywords of filename + * Wed Nov 01 2023 wangjiang - 2:9.0-19 - Type:CVE - ID:CVE-2023-46246