summaryrefslogtreecommitdiffstatshomepage
path: root/test/functional/vimscript/executable_spec.lua
diff options
context:
space:
mode:
authorzeertzjq <zeertzjq@outlook.com>2026-04-23 13:41:43 +0800
committerGitHub <noreply@github.com>2026-04-23 05:41:43 +0000
commita4ad469fb1f935aed6f84cfa9e663ab4f7ca1e02 (patch)
tree28311a01f3d5759667f4879d5cf3bb60f8c6d95c /test/functional/vimscript/executable_spec.lua
parentdb2f6a8a918f33abf10959949fb9e2a2f82dae4f (diff)
vim-patch:partial:9.2.0315: missing bound-checks (#39334)
Problem: missing bound-checks Solution: Add defensive guards against potential buffer overflow (Yasuhiro Matsumoto) Add bounds checking and integer overflow guards across multiple files as a defensive measure. While these code paths are unlikely to be exploitable in practice, the guards prevent undefined behavior in edge cases. - libvterm/vterm.c: use heap tmpbuffer instead of stack buffer in vsprintf() fallback path - channel.c: validate len in channel_consume() before mch_memmove() - spell.c: use long instead of int for addlen to avoid signed overflow in size_t subtraction - alloc.c: add SIZE_MAX overflow check in ga_grow_inner() before itemsize multiplication - list.c: add overflow check before count * sizeof(listitem_T) - popupwin.c: add overflow check before width * height allocation - insexpand.c: add overflow check before compl_num_bests multiplication - regexp_bt.c: replace sprintf() with vim_snprintf() in regprop() - spellfile.c: use SIZE_MAX instead of LONG_MAX for allocation overflow check closes: vim/vim#19904 https://github.com/vim/vim/commit/8d23fcb603d8f8938ce0023086326a5db6780ea2 Co-authored-by: Yasuhiro Matsumoto <mattn.jp@gmail.com>
Diffstat (limited to 'test/functional/vimscript/executable_spec.lua')
0 files changed, 0 insertions, 0 deletions