Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
patch 8.2.5043: can open a cmdline window from a substitute expression
Problem: Can open a cmdline window from a substitute expression. Solution: Disallow opening a command line window when text or buffer is locked.
- Loading branch information
Showing
6 changed files
with
51 additions
and
12 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
71223e2
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi, all.
why does this commit fix CVE-2022-1942?
According to https://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071/
There is a Heap-based Buffer Overflow in vim_regsub_both, this patch does not fix the heap-based-buffer overflow problem.
Does this commit fix the flaw exploit situation aka "open a command-line window from a substitute expression when a text or buffer is locked"?
71223e2
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.