neovim

kevin/neovim

Fork 0

mirror of https://github.com/neovim/neovim.git synced 2024-12-25 13:45:15 -07:00

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
zeertzjq	6af359ef4c	vim-patch:9.1.0647: [security] use-after-free in tagstack_clear_entry Problem: [security] use-after-free in tagstack_clear_entry (Suyue Guo ) Solution: Instead of manually calling vim_free() on each of the tagstack entries, let's use tagstack_clear_entry(), which will also free the stack, but using the VIM_CLEAR macro, which prevents a use-after-free by setting those pointers to NULL This addresses CVE-2024-41957 Github advisory: https://github.com/vim/vim/security/advisories/GHSA-f9cr-gv85-hcr4 `8a0bbe7b8a` Co-authored-by: Christian Brabandt <cb@256bit.org>	2024-08-02 07:14:42 +08:00

zeertzjq

6af359ef4c

vim-patch:9.1.0647: [security] use-after-free in tagstack_clear_entry

Problem:  [security] use-after-free in tagstack_clear_entry
          (Suyue Guo )
Solution: Instead of manually calling vim_free() on each of the tagstack
          entries, let's use tagstack_clear_entry(), which will
          also free the stack, but using the VIM_CLEAR macro,
          which prevents a use-after-free by setting those pointers
          to NULL

This addresses CVE-2024-41957

Github advisory:
https://github.com/vim/vim/security/advisories/GHSA-f9cr-gv85-hcr4

8a0bbe7b8a

Co-authored-by: Christian Brabandt <cb@256bit.org>

2024-08-02 07:14:42 +08:00

1 Commits