From 3cfcf613ae33a44294e44d41c884e379ff921947 Mon Sep 17 00:00:00 2001
From: yinyongkang <yinyongkang@kylinos.cn>
Date: Tue, 3 Sep 2024 09:27:55 +0800
Subject: [PATCH] fix CVE-2024-45306

---
 backport-CVE-2024-45306.patch | 39 +++++++++++++++++++++++++++++++++++
 vim.spec                      |  9 +++++++-
 2 files changed, 47 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2024-45306.patch

diff --git a/backport-CVE-2024-45306.patch b/backport-CVE-2024-45306.patch
new file mode 100644
index 0000000..3991525
--- /dev/null
+++ b/backport-CVE-2024-45306.patch
@@ -0,0 +1,39 @@
+From 396fd1ec2956307755392a1c61f55d5c1847f308 Mon Sep 17 00:00:00 2001
+From: Christian Brabandt <cb@256bit.org>
+Date: Sat, 31 Aug 2024 17:58:16 +0200
+Subject: [PATCH] patch 9.1.0707: [security]: invalid cursor position may cause
+ a crash
+
+Problem:  [security]: invalid cursor position may cause a crash
+          (after v9.1.0038)
+Solution: Set cursor to the last character in a line, if it would
+          otherwise point to beyond the line; no tests added, as it
+          is unclear how to reproduce this.
+
+Github Advisory:
+https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh
+
+Co-authored-by: zeertzjq <zeertzjq@outlook.com>
+Signed-off-by: zeertzjq <zeertzjq@outlook.com>
+Signed-off-by: Christian Brabandt <cb@256bit.org>
+---
+ src/charset.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/charset.c b/src/charset.c
+index bda3f91..ab4f1e4 100644
+--- a/src/charset.c
++++ b/src/charset.c
+@@ -1621,6 +1621,9 @@ getvcol(
+     }
+     clear_chartabsize_arg(&cts);
+ 
++    if (*ptr == NUL && pos->col < MAXCOL && pos->col > ptr - line)
++	pos->col = ptr - line;
++
+     if (start != NULL)
+ 	*start = vcol + head;
+     if (end != NULL)
+-- 
+2.43.0
+
diff --git a/vim.spec b/vim.spec
index 4e57f33..8a81aae 100644
--- a/vim.spec
+++ b/vim.spec
@@ -14,7 +14,7 @@
 Name:           vim
 Epoch:          2
 Version:        %{baseversion}.%{patchlevel}
-Release:        11
+Release:        12
 Summary:        Vim is a highly configurable text editor for efficiently creating and changing any kind of text.
 License:        Vim and MIT
 URL:            http://www.vim.org
@@ -50,6 +50,7 @@ Patch6015:      backport-patch-9.1.0554-bw-leaves-jumplist-and-tagstack-data-.pa
 Patch6016:      backport-CVE-2024-41957.patch
 Patch6017:      backport-CVE-2024-43374.patch
 Patch6018:      backport-CVE-2024-43802.patch
+Patch6019:      backport-CVE-2024-45306.patch
 
 Patch9000:      bugfix-rm-modify-info-version.patch
 
@@ -457,6 +458,12 @@ LC_ALL=en_US.UTF-8 make -j1 test || echo "Warning: Please check tests."
 %{_mandir}/man1/evim.*
 
 %changelog
+* Tue Sep 03 2024 yinyongkang <yinyongkang@kylinos.cn> - 2:9.0.2092-12
+- Type:CVE
+- ID:CVE-2024-45306
+- SUG:NA
+- DESC:fix CVE-2024-45306
+
 * Thu Aug 29 2024 wangjiang <app@cameyan.com> - 2:9.0.2092-11
 - Type:CVE
 - ID:CVE-2024-43802
-- 
Gitee