代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/vim 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
From 8a0bbe7b8aad6f8da28dee218c01bc8a0185a2d5 Mon Sep 17 00:00:00 2001
From: Christian Brabandt <cb@256bit.org>
Date: Thu, 1 Aug 2024 20:16:51 +0200
Subject: [PATCH] patch 9.1.0647: [security] use-after-free in
tagstack_clear_entry
Problem: [security] use-after-free in tagstack_clear_entry
(Suyue Guo )
Solution: Instead of manually calling vim_free() on each of the tagstack
entries, let's use tagstack_clear_entry(), which will
also free the stack, but using the VIM_CLEAR macro,
which prevents a use-after-free by setting those pointers
to NULL
This addresses CVE-2024-41957
Github advisory:
https://github.com/vim/vim/security/advisories/GHSA-f9cr-gv85-hcr4
Signed-off-by: Christian Brabandt <cb@256bit.org>
---
src/window.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/src/window.c b/src/window.c
index 7ca29d46a..70c72bca7 100644
--- a/src/window.c
+++ b/src/window.c
@@ -5661,10 +5661,7 @@ win_free(
win_free_lsize(wp);
for (i = 0; i < wp->w_tagstacklen; ++i)
- {
- vim_free(wp->w_tagstack[i].tagname);
- vim_free(wp->w_tagstack[i].user_data);
- }
+ tagstack_clear_entry(&wp->w_tagstack[i]);
vim_free(wp->w_localdir);
vim_free(wp->w_prevdir);
--
2.33.0
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手