From ee9166eb3b41846661a39b662dc7ebe8b5e15139 Mon Sep 17 00:00:00 2001 From: Christian Brabandt Date: Sun, 3 Sep 2023 21:24:33 +0200 Subject: patch 9.0.1858: [security] heap use after free in ins_compl_get_exp() Problem: heap use after free in ins_compl_get_exp() Solution: validate buffer before accessing it Signed-off-by: Christian Brabandt --- src/testdir/crash/poc_tagfunc.vim | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 src/testdir/crash/poc_tagfunc.vim (limited to 'src/testdir/crash') diff --git a/src/testdir/crash/poc_tagfunc.vim b/src/testdir/crash/poc_tagfunc.vim new file mode 100644 index 0000000000..49d9b6f719 --- /dev/null +++ b/src/testdir/crash/poc_tagfunc.vim @@ -0,0 +1,6 @@ +fu Tagfunc(t,f,o) + bw +endf +set tagfunc=Tagfunc +n0 +sil0norm0i -- cgit v1.2.3