aniani/vim
0
0
Fork 1
mirror of https://github.com/vim/vim.git synced 2025-09-25 03:54:15 -04:00
Code Activity

patch 8.2.3247: using uninitialized memory when checking for crypt method

Browse Source 
Problem:    Using uninitialized memory when checking for crypt method.
Solution:   Check the header length before using the salt and seed.
This commit is contained in:
Bram Moolenaar
2021-07-29 21:23:50 +02:00
parent 77111e2bfc
commit 77ab4e28a2
2 changed files with 8 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/fileio.c
View File

@@ -2917,15 +2917,16 @@ check_for_cryptkey(
{ {
int header_len; int header_len;
header_len = crypt_get_header_len(method);
if (*sizep <= header_len)
// invalid header, buffer can't be encrypted
return NULL;
curbuf->b_cryptstate = crypt_create_from_header( curbuf->b_cryptstate = crypt_create_from_header(
method, cryptkey, ptr); method, cryptkey, ptr);
crypt_set_cm_option(curbuf, method); crypt_set_cm_option(curbuf, method);
// Remove cryptmethod specific header from the text. // Remove cryptmethod specific header from the text.
header_len = crypt_get_header_len(method);
if (*sizep <= header_len)
// invalid header, buffer can't be encrypted
return NULL;
*filesizep += header_len; *filesizep += header_len;
*sizep -= header_len; *sizep -= header_len;
mch_memmove(ptr, ptr + header_len, (size_t)*sizep); mch_memmove(ptr, ptr + header_len, (size_t)*sizep);

2
src/version.c
View File

@@ -755,6 +755,8 @@ static char *(features[]) =
static int included_patches[] = static int included_patches[] =
{ /* Add new patch number below this line */ { /* Add new patch number below this line */
/**/
3247,
/**/ /**/
3246, 3246,
/**/ /**/