vim-patch:9.0.2110: [security]: overflow in ex address parsing

Problem: [security]: overflow in ex address parsing Solution: Verify that lnum is positive, before substracting from LONG_MAX [security]: overflow in ex address parsing When parsing relative ex addresses one may unintentionally cause an overflow (because LONG_MAX - lnum will overflow for negative addresses). So verify that lnum is actually positive before doing the overflow check. https://github.com/vim/vim/commit/060623e4a3bc72b011e7cd92bedb3bfb64e06200 Co-authored-by: Christian Brabandt <cb@256bit.org>
author: zeertzjq <zeertzjq@outlook.com> 2023-11-17 07:14:07 +0800
committer: zeertzjq <zeertzjq@outlook.com> 2023-11-17 07:16:04 +0800
commit: 809b05bf276892101895a713e1b8d1c209e5dfb7 (patch)
tree: 1bed22e6ccd92f27409b2472a10855c51851ba89 /test
parent: 016c6fae2740781a4c62f382673de1f86732533a (diff)
download: rneovim-809b05bf276892101895a713e1b8d1c209e5dfb7.tar.gz
rneovim-809b05bf276892101895a713e1b8d1c209e5dfb7.tar.bz2
rneovim-809b05bf276892101895a713e1b8d1c209e5dfb7.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/test/old/testdir/test_excmd.vim b/test/old/testdir/test_excmd.vim
index 15c83709ad..c729ff4929 100644
--- a/test/old/testdir/test_excmd.vim
+++ b/test/old/testdir/test_excmd.vim
@@ -745,5 +745,9 @@ func Test_write_after_rename()
   bwipe!
 endfunc
 
+" catch address lines overflow
+func Test_ex_address_range_overflow()
+  call assert_fails(':--+foobar', 'E492:')
+endfunc
 
 " vim: shiftwidth=2 sts=2 expandtab
author	zeertzjq <zeertzjq@outlook.com>	2023-11-17 07:14:07 +0800
committer	zeertzjq <zeertzjq@outlook.com>	2023-11-17 07:16:04 +0800
commit	809b05bf276892101895a713e1b8d1c209e5dfb7 (patch)
tree	1bed22e6ccd92f27409b2472a10855c51851ba89 /test
parent	016c6fae2740781a4c62f382673de1f86732533a (diff)
download	rneovim-809b05bf276892101895a713e1b8d1c209e5dfb7.tar.gz rneovim-809b05bf276892101895a713e1b8d1c209e5dfb7.tar.bz2 rneovim-809b05bf276892101895a713e1b8d1c209e5dfb7.zip