1 Star 0 Fork 54

AntsCodeCommunity/vim

forked from jiangpengjuj/vim 
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
backport-CVE-2022-3153.patch 2.78 KB
一键复制 编辑 原始数据 按行查看 历史
wjiang 提交于 2022-09-13 10:13 . fix CVE-2022-3134 CVE-2022-3153
From 1540d334a04d874c2aa9d26b82dbbcd4bc5a78de Mon Sep 17 00:00:00 2001
From: Bram Moolenaar <Bram@vim.org>
Date: Wed, 7 Sep 2022 15:20:26 +0100
Subject: [PATCH] patch 9.0.0404: crash when passing invalid arguments to
assert_fails()
Problem: Crash when passing invalid arguments to assert_fails().
Solution: Check for NULL string.
---
src/testdir/test_assert.vim | 19 +++++++++++++++++--
src/testing.c | 9 +++++++++
2 files changed, 26 insertions(+), 2 deletions(-)
diff --git a/src/testdir/test_assert.vim b/src/testdir/test_assert.vim
index 7c9d090..9d8a018 100644
--- a/src/testdir/test_assert.vim
+++ b/src/testdir/test_assert.vim
@@ -278,6 +278,21 @@ func Test_assert_fail_fails()
endtry
call assert_match("E1222: String or List required for argument 2", exp)
+ try
+ call assert_equal(0, assert_fails('xxx', [#{one: 1}]))
+ catch
+ let exp = v:exception
+ endtry
+ call assert_match("E731: Using a Dictionary as a String", exp)
+
+ let exp = ''
+ try
+ call assert_equal(0, assert_fails('xxx', ['E492', #{one: 1}]))
+ catch
+ let exp = v:exception
+ endtry
+ call assert_match("E731: Using a Dictionary as a String", exp)
+
try
call assert_equal(1, assert_fails('xxx', 'E492', '', 'burp'))
catch
@@ -292,8 +307,8 @@ func Test_assert_fail_fails()
endtry
call assert_match("E1174: String required for argument 5", exp)
- call assert_equal(1, assert_fails('c0', ['', '\1']))
- call assert_match("Expected '\\\\\\\\1' but got 'E939: Positive count required: c0': c0", v:errors[0])
+ call assert_equal(1, assert_fails('c0', ['', '\(.\)\1']))
+ call assert_match("Expected '\\\\\\\\(.\\\\\\\\)\\\\\\\\1' but got 'E939: Positive count required: c0': c0", v:errors[0])
call remove(v:errors, 0)
endfunc
diff --git a/src/testing.c b/src/testing.c
index 43b8d20..b4c4ff4 100644
--- a/src/testing.c
+++ b/src/testing.c
@@ -616,6 +616,11 @@ f_assert_fails(typval_T *argvars, typval_T *rettv)
in_assert_fails = TRUE;
do_cmdline_cmd(cmd);
+
+ // reset here for any errors reported below
+ trylevel = save_trylevel;
+ suppress_errthrow = FALSE;
+
if (called_emsg == called_emsg_before)
{
prepare_assert_error(&ga);
@@ -654,6 +659,8 @@ f_assert_fails(typval_T *argvars, typval_T *rettv)
CHECK_LIST_MATERIALIZE(list);
tv = &list->lv_first->li_tv;
expected = tv_get_string_buf_chk(tv, buf);
+ if (expected == NULL)
+ goto theend;
if (!pattern_match(expected, actual, FALSE))
{
error_found = TRUE;
@@ -667,6 +674,8 @@ f_assert_fails(typval_T *argvars, typval_T *rettv)
{
tv = &list->lv_u.mat.lv_last->li_tv;
expected = tv_get_string_buf_chk(tv, buf);
+ if (expected == NULL)
+ goto theend;
if (!pattern_match(expected, actual, FALSE))
{
error_found = TRUE;
--
2.27.0
Loading...
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/AntsCodeCommunity/vim.git
git@gitee.com:AntsCodeCommunity/vim.git
AntsCodeCommunity
vim
vim
master

搜索帮助