aniani/vim
0
0
Fork 1
mirror of https://github.com/vim/vim.git synced 2025-09-27 04:14:06 -04:00
Code Activity

patch 9.1.0678: [security]: use-after-free in alist_add()

Browse Source 
Problem:  [security]: use-after-free in alist_add()
          (SuyueGuo)
Solution: Lock the current window, so that the reference to
          the argument list remains valid.

This fixes CVE-2024-43374

Signed-off-by: Christian Brabandt <cb@256bit.org>
This commit is contained in:
Christian Brabandt
2024-08-15 22:15:28 +02:00
parent 3b59be4ed8
commit 0a6e57b09b
9 changed files with 58 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/structs.h
View File

@@ -3785,7 +3785,7 @@ struct window_S
synblock_T *w_s; // for :ownsyntax
#endif
int w_closing; // window is being closed, don't let
int w_locked; // window is being closed, don't let
// autocommands close it too.
frame_T *w_frame; // frame containing this window