Miroirs/slackware-current
1
0
Fork 0
mirror of git://slackware.nl/current.git synced 2024-12-27 09:59:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Sat Aug 20 20:04:15 UTC 2022

Browse source 
patches/packages/vim-8.2.4649-x86_64-3_slack15.0.txz:  Rebuilt.
  Fix use after free.
  Thanks to marav for the heads-up.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2889
  (* Security fix *)
patches/packages/vim-gvim-8.2.4649-x86_64-3_slack15.0.txz:  Rebuilt.
This commit is contained in:
Patrick J Volkerding 2022-08-20 20:04:15 +00:00 committed by Eric Hameleers
parent 77a67ac465
commit 44e993e802
9 changed files with 295 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
ChangeLog.rss
View file

@ -11,9 +11,26 @@
<description>Tracking Slackware development in git.</description>
<language>en-us</language>
<id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
<pubDate>Thu, 18 Aug 2022 23:19:52 GMT</pubDate>
<lastBuildDate>Fri, 19 Aug 2022 11:29:47 GMT</lastBuildDate>
<pubDate>Sat, 20 Aug 2022 20:04:15 GMT</pubDate>
<lastBuildDate>Sun, 21 Aug 2022 11:30:14 GMT</lastBuildDate>
<generator>maintain_current_git.sh v 1.17</generator>
<item>
<title>Sat, 20 Aug 2022 20:04:15 GMT</title>
<pubDate>Sat, 20 Aug 2022 20:04:15 GMT</pubDate>
<link>https://git.slackware.nl/current/tag/?h=20220820200415</link>
<guid isPermaLink="false">20220820200415</guid>
<description>
<![CDATA[<pre>
patches/packages/vim-8.2.4649-x86_64-3_slack15.0.txz: Rebuilt.
Fix use after free.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2889
(* Security fix *)
patches/packages/vim-gvim-8.2.4649-x86_64-3_slack15.0.txz: Rebuilt.
</pre>]]>
</description>
</item>
<item>
<title>Thu, 18 Aug 2022 23:19:52 GMT</title>
<pubDate>Thu, 18 Aug 2022 23:19:52 GMT</pubDate>

9
ChangeLog.txt
View file

@ -1,3 +1,12 @@
Sat Aug 20 20:04:15 UTC 2022
patches/packages/vim-8.2.4649-x86_64-3_slack15.0.txz: Rebuilt.
Fix use after free.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2889
(* Security fix *)
patches/packages/vim-gvim-8.2.4649-x86_64-3_slack15.0.txz: Rebuilt.
+--------------------------+
Thu Aug 18 23:19:52 UTC 2022
patches/packages/glibc-zoneinfo-2022c-noarch-1_slack15.0.txz: Upgraded.
This package provides the latest timezone updates.

51
FILELIST.TXT
View file

@ -1,20 +1,20 @@
Thu Aug 18 23:26:12 UTC 2022
Sat Aug 20 20:06:39 UTC 2022
Here is the file list for this directory. If you are using a
mirror site and find missing or extra files in the disk
subdirectories, please have the archive administrator refresh
the mirror.
drwxr-xr-x 12 root root 4096 2022-08-18 23:19 .
drwxr-xr-x 12 root root 4096 2022-08-20 20:04 .
-rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0
-rw-r--r-- 1 root root 16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT
-rw-r--r-- 1 root root 1147727 2022-08-17 20:45 ./CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2022-08-17 20:45 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 1147727 2022-08-18 23:26 ./CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2022-08-18 23:26 ./CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING
-rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3
-rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT
-rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
-rw-r--r-- 1 root root 1917195 2022-08-18 23:19 ./ChangeLog.txt
-rw-r--r-- 1 root root 1917559 2022-08-20 20:04 ./ChangeLog.txt
drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI
drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi
@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT
-rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
-rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
-rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
-rw-r--r-- 1 root root 1498348 2022-08-17 20:44 ./FILELIST.TXT
-rw-r--r-- 1 root root 1498348 2022-08-18 23:26 ./FILELIST.TXT
-rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY
-rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT
-rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT
@ -737,13 +737,13 @@ drwxr-xr-x 2 root root 4096 2008-05-07 05:21 ./pasture/source/php/pear
-rwxr-xr-x 1 root root 9448 2018-05-16 22:38 ./pasture/source/php/php.SlackBuild
-rw-r--r-- 1 root root 775 2017-07-07 19:25 ./pasture/source/php/php.ini-development.diff.gz
-rw-r--r-- 1 root root 830 2005-12-09 05:18 ./pasture/source/php/slack-desc
drwxr-xr-x 4 root root 4096 2022-08-18 23:26 ./patches
-rw-r--r-- 1 root root 44147 2022-08-18 23:26 ./patches/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2022-08-18 23:26 ./patches/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 59193 2022-08-18 23:26 ./patches/FILE_LIST
-rw-r--r-- 1 root root 11198849 2022-08-18 23:26 ./patches/MANIFEST.bz2
-rw-r--r-- 1 root root 33462 2022-08-18 23:26 ./patches/PACKAGES.TXT
drwxr-xr-x 3 root root 16384 2022-08-18 23:26 ./patches/packages
drwxr-xr-x 4 root root 4096 2022-08-20 20:06 ./patches
-rw-r--r-- 1 root root 44217 2022-08-20 20:06 ./patches/CHECKSUMS.md5
-rw-r--r-- 1 root root 163 2022-08-20 20:06 ./patches/CHECKSUMS.md5.asc
-rw-r--r-- 1 root root 59280 2022-08-20 20:06 ./patches/FILE_LIST
-rw-r--r-- 1 root root 11199663 2022-08-20 20:06 ./patches/MANIFEST.bz2
-rw-r--r-- 1 root root 33462 2022-08-20 20:06 ./patches/PACKAGES.TXT
drwxr-xr-x 3 root root 16384 2022-08-20 20:06 ./patches/packages
-rw-r--r-- 1 root root 327 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txt
-rw-r--r-- 1 root root 10716 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz.asc
@ -874,12 +874,12 @@ drwxr-xr-x 2 root root 4096 2022-05-09 21:37 ./patches/packages/linux-5.15
-rw-r--r-- 1 root root 354 2022-02-15 18:37 ./patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 2805300 2022-02-15 18:37 ./patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-02-15 18:37 ./patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz.asc
-rw-r--r-- 1 root root 383 2022-08-17 19:21 ./patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txt
-rw-r--r-- 1 root root 8144256 2022-08-17 19:21 ./patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-08-17 19:21 ./patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txz.asc
-rw-r--r-- 1 root root 503 2022-08-17 19:22 ./patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txt
-rw-r--r-- 1 root root 1659412 2022-08-17 19:22 ./patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-08-17 19:22 ./patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txz.asc
-rw-r--r-- 1 root root 383 2022-08-20 18:51 ./patches/packages/vim-8.2.4649-x86_64-3_slack15.0.txt
-rw-r--r-- 1 root root 8141876 2022-08-20 18:51 ./patches/packages/vim-8.2.4649-x86_64-3_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-08-20 18:51 ./patches/packages/vim-8.2.4649-x86_64-3_slack15.0.txz.asc
-rw-r--r-- 1 root root 503 2022-08-20 18:52 ./patches/packages/vim-gvim-8.2.4649-x86_64-3_slack15.0.txt
-rw-r--r-- 1 root root 1659760 2022-08-20 18:52 ./patches/packages/vim-gvim-8.2.4649-x86_64-3_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-08-20 18:52 ./patches/packages/vim-gvim-8.2.4649-x86_64-3_slack15.0.txz.asc
-rw-r--r-- 1 root root 507 2022-07-10 18:40 ./patches/packages/wavpack-5.5.0-x86_64-1_slack15.0.txt
-rw-r--r-- 1 root root 185936 2022-07-10 18:40 ./patches/packages/wavpack-5.5.0-x86_64-1_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-07-10 18:40 ./patches/packages/wavpack-5.5.0-x86_64-1_slack15.0.txz.asc
@ -904,7 +904,7 @@ drwxr-xr-x 2 root root 4096 2022-05-09 21:37 ./patches/packages/linux-5.15
-rw-r--r-- 1 root root 388 2022-08-09 17:48 ./patches/packages/zlib-1.2.12-x86_64-2_slack15.0.txt
-rw-r--r-- 1 root root 105196 2022-08-09 17:48 ./patches/packages/zlib-1.2.12-x86_64-2_slack15.0.txz
-rw-r--r-- 1 root root 163 2022-08-09 17:48 ./patches/packages/zlib-1.2.12-x86_64-2_slack15.0.txz.asc
drwxr-xr-x 45 root root 4096 2022-08-18 23:17 ./patches/source
drwxr-xr-x 45 root root 4096 2022-08-20 19:02 ./patches/source
drwxr-xr-x 2 root root 4096 2022-01-16 05:07 ./patches/source/aaa_base
-rw-r--r-- 1 root root 11041 2022-02-15 04:49 ./patches/source/aaa_base/_aaa_base.tar.gz
-rwxr-xr-x 1 root root 3894 2022-02-15 05:07 ./patches/source/aaa_base/aaa_base.SlackBuild
@ -1300,18 +1300,19 @@ drwxr-xr-x 2 root root 4096 2020-05-08 19:39 ./patches/source/util-linux/p
-rw-r--r-- 1 root root 335 2014-07-03 08:34 ./patches/source/util-linux/util-linux.fdisk-no-solaris.diff.gz
-rw-r--r-- 1 root root 10292 2009-05-30 01:25 ./patches/source/util-linux/ziptool-1.4.0.tar.xz
-rw-r--r-- 1 root root 386 2009-05-30 01:25 ./patches/source/util-linux/ziptool-fix_build.patch.gz
drwxr-xr-x 2 root root 4096 2022-08-17 19:11 ./patches/source/vim
drwxr-xr-x 2 root root 4096 2022-08-20 18:50 ./patches/source/vim
-rw-r--r-- 1 root root 547 2022-08-17 19:02 ./patches/source/vim/CVE-2022-2816.patch.gz
-rw-r--r-- 1 root root 1105 2022-08-17 19:03 ./patches/source/vim/CVE-2022-2817.patch.gz
-rw-r--r-- 1 root root 687 2022-08-17 19:03 ./patches/source/vim/CVE-2022-2819.patch.gz
-rw-r--r-- 1 root root 2343 2022-08-20 18:50 ./patches/source/vim/CVE-2022-2889.patch.gz
-rw-r--r-- 1 root root 299348 2009-07-09 22:03 ./patches/source/vim/ctags-5.8.tar.xz
-rw-r--r-- 1 root root 2768 2022-02-12 08:11 ./patches/source/vim/ctags.use-conventional-unused-marker.patch.gz
-rw-r--r-- 1 root root 8249 2006-01-19 17:01 ./patches/source/vim/gvim.png
-rw-r--r-- 1 root root 834 2018-02-27 06:13 ./patches/source/vim/slack-desc.vim
-rw-r--r-- 1 root root 959 2018-03-15 02:41 ./patches/source/vim/slack-desc.vim-gvim
-rw-r--r-- 1 root root 10400559 2022-03-30 18:17 ./patches/source/vim/vim-8.2.4649.tar.lz
-rwxr-xr-x 1 root root 6589 2022-08-17 19:08 ./patches/source/vim/vim-gvim.SlackBuild
-rwxr-xr-x 1 root root 8153 2022-08-17 19:12 ./patches/source/vim/vim.SlackBuild
-rwxr-xr-x 1 root root 6654 2022-08-20 18:44 ./patches/source/vim/vim-gvim.SlackBuild
-rwxr-xr-x 1 root root 8218 2022-08-20 18:44 ./patches/source/vim/vim.SlackBuild
-rw-r--r-- 1 root root 283 2019-01-11 20:43 ./patches/source/vim/vim.vimrc.diff.gz
drwxr-xr-x 2 root root 4096 2022-07-10 18:34 ./patches/source/wavpack
-rw-r--r-- 1 root root 963 2019-12-19 18:54 ./patches/source/wavpack/slack-desc
@ -2738,7 +2739,7 @@ drwxr-xr-x 2 root root 69632 2022-02-01 08:29 ./slackware64/kde
-rw-r--r-- 1 root root 118812 2022-01-08 22:35 ./slackware64/kde/kimageformats-5.90.0-x86_64-1.txz
-rw-r--r-- 1 root root 163 2022-01-08 22:35 ./slackware64/kde/kimageformats-5.90.0-x86_64-1.txz.asc
-rw-r--r-- 1 root root 253 2022-01-06 22:54 ./slackware64/kde/kimagemapeditor-21.12.1-x86_64-1.txt
-rw-r--r-- 1 root root 1180648 2022-01-06 22:54 ./slackware64/kde/kimagemapeditor-21.12.1-x86_64-1.txz
-rw-r--r-- 1 root root 1180648 2022-01-06 22:54 ./slackware64/kde/kimagemapeditor-21.12.1-x86_64-1.txz
-rw-r--r-- 1 root root 163 2022-01-06 22:54 ./slackware64/kde/kimagemapeditor-21.12.1-x86_64-1.txz.asc
-rw-r--r-- 1 root root 184 2022-01-06 21:38 ./slackware64/kde/kimap-21.12.1-x86_64-1.txt
-rw-r--r-- 1 root root 234768 2022-01-06 21:38 ./slackware64/kde/kimap-21.12.1-x86_64-1.txz
@ -5493,7 +5494,7 @@ drwxr-xr-x 2 root root 65536 2022-02-01 04:47 ./slackware64/x
-rw-r--r-- 1 root root 803 2021-02-13 13:00 ./slackware64/x/noto-cjk-fonts-ttf-2.001-noarch-3.txt
-rw-r--r-- 1 root root 91118036 2021-02-13 13:00 ./slackware64/x/noto-cjk-fonts-ttf-2.001-noarch-3.txz
-rw-r--r-- 1 root root 163 2021-02-13 13:00 ./slackware64/x/noto-cjk-fonts-ttf-2.001-noarch-3.txz.asc
-rw-r--r-- 1 root root 710 2021-10-01 05:30 ./slackware64/x/noto-fonts-ttf-20171024-noarch-4.txt
-rw-r--r-- 1 root root 710 2021-10-01 05:30 ./slackware64/x/noto-fonts-ttf-20171024-noarch-4.txt
-rw-r--r-- 1 root root 11603404 2021-10-01 05:30 ./slackware64/x/noto-fonts-ttf-20171024-noarch-4.txz
-rw-r--r-- 1 root root 163 2021-10-01 05:30 ./slackware64/x/noto-fonts-ttf-20171024-noarch-4.txz.asc
-rw-r--r-- 1 root root 222 2021-02-13 13:11 ./slackware64/x/oclock-1.0.4-x86_64-4.txt

0
patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txt → patches/packages/vim-8.2.4649-x86_64-3_slack15.0.txt
View file

0
patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txt → patches/packages/vim-gvim-8.2.4649-x86_64-3_slack15.0.txt
View file

236
patches/source/vim/CVE-2022-2889.patch Normal file
View file

@ -0,0 +1,236 @@
From 91c7cbfe31bbef57d5fcf7d76989fc159f73ef15 Mon Sep 17 00:00:00 2001
From: Bram Moolenaar <Bram@vim.org>
Date: Thu, 18 Aug 2022 13:28:31 +0100
Subject: [PATCH] patch 9.0.0225: using freed memory with multiple line breaks
in expression
Problem: Using freed memory with multiple line breaks in expression.
Solution: Free eval_tofree later.
diff --git a/src/eval.c b/src/eval.c
index 42b883e9b00b..60daca51ce9d 100644
--- a/src/eval.c
+++ b/src/eval.c
@@ -353,6 +353,63 @@ eval_to_string_skip(
return retval;
}
+/*
+ * Initialize "evalarg" for use.
+ */
+ void
+init_evalarg(evalarg_T *evalarg)
+{
+ CLEAR_POINTER(evalarg);
+ ga_init2(&evalarg->eval_tofree_ga, sizeof(char_u *), 20);
+}
+
+/*
+ * If "evalarg->eval_tofree" is not NULL free it later.
+ * Caller is expected to overwrite "evalarg->eval_tofree" next.
+ */
+ static void
+free_eval_tofree_later(evalarg_T *evalarg)
+{
+ if (evalarg->eval_tofree != NULL)
+ {
+ if (ga_grow(&evalarg->eval_tofree_ga, 1) == OK)
+ ((char_u **)evalarg->eval_tofree_ga.ga_data)
+ [evalarg->eval_tofree_ga.ga_len++]
+ = evalarg->eval_tofree;
+ else
+ vim_free(evalarg->eval_tofree);
+ }
+}
+
+/*
+ * After using "evalarg" filled from "eap": free the memory.
+ */
+ void
+clear_evalarg(evalarg_T *evalarg, exarg_T *eap)
+{
+ if (evalarg != NULL)
+ {
+ if (evalarg->eval_tofree != NULL)
+ {
+ if (eap != NULL)
+ {
+ // We may need to keep the original command line, e.g. for
+ // ":let" it has the variable names. But we may also need the
+ // new one, "nextcmd" points into it. Keep both.
+ vim_free(eap->cmdline_tofree);
+ eap->cmdline_tofree = *eap->cmdlinep;
+ *eap->cmdlinep = evalarg->eval_tofree;
+ }
+ else
+ vim_free(evalarg->eval_tofree);
+ evalarg->eval_tofree = NULL;
+ }
+
+ ga_clear_strings(&evalarg->eval_tofree_ga);
+ VIM_CLEAR(evalarg->eval_tofree_lambda);
+ }
+}
+
/*
* Skip over an expression at "*pp".
* Return FAIL for an error, OK otherwise.
@@ -435,8 +492,8 @@ skip_expr_concatenate(
// Do not free the first line, the caller can still use it.
*((char_u **)gap->ga_data) = NULL;
// Do not free the last line, "arg" points into it, free it
- // later.
- vim_free(evalarg->eval_tofree);
+ // later. Also free "eval_tofree" later if needed.
+ free_eval_tofree_later(evalarg);
evalarg->eval_tofree =
((char_u **)gap->ga_data)[gap->ga_len - 1];
((char_u **)gap->ga_data)[gap->ga_len - 1] = NULL;
@@ -2274,7 +2331,7 @@ eval_next_line(char_u *arg, evalarg_T *evalarg)
}
else if (evalarg->eval_cookie != NULL)
{
- vim_free(evalarg->eval_tofree);
+ free_eval_tofree_later(evalarg);
evalarg->eval_tofree = line;
}
@@ -2301,45 +2358,6 @@ skipwhite_and_linebreak(char_u *arg, evalarg_T *evalarg)
return p;
}
-/*
- * Initialize "evalarg" for use.
- */
- void
-init_evalarg(evalarg_T *evalarg)
-{
- CLEAR_POINTER(evalarg);
- ga_init2(&evalarg->eval_tofree_ga, sizeof(char_u *), 20);
-}
-
-/*
- * After using "evalarg" filled from "eap": free the memory.
- */
- void
-clear_evalarg(evalarg_T *evalarg, exarg_T *eap)
-{
- if (evalarg != NULL)
- {
- if (evalarg->eval_tofree != NULL)
- {
- if (eap != NULL)
- {
- // We may need to keep the original command line, e.g. for
- // ":let" it has the variable names. But we may also need the
- // new one, "nextcmd" points into it. Keep both.
- vim_free(eap->cmdline_tofree);
- eap->cmdline_tofree = *eap->cmdlinep;
- *eap->cmdlinep = evalarg->eval_tofree;
- }
- else
- vim_free(evalarg->eval_tofree);
- evalarg->eval_tofree = NULL;
- }
-
- ga_clear_strings(&evalarg->eval_tofree_ga);
- VIM_CLEAR(evalarg->eval_tofree_lambda);
- }
-}
-
/*
* The "evaluate" argument: When FALSE, the argument is only parsed but not
* executed. The function may return OK, but the rettv will be of type
diff --git a/src/proto/eval.pro b/src/proto/eval.pro
index e6cd8928d19c..27a13c9498ba 100644
--- a/src/proto/eval.pro
+++ b/src/proto/eval.pro
@@ -9,6 +9,8 @@ int eval_expr_valid_arg(typval_T *tv);
int eval_expr_typval(typval_T *expr, typval_T *argv, int argc, typval_T *rettv);
int eval_expr_to_bool(typval_T *expr, int *error);
char_u *eval_to_string_skip(char_u *arg, exarg_T *eap, int skip);
+void init_evalarg(evalarg_T *evalarg);
+void clear_evalarg(evalarg_T *evalarg, exarg_T *eap);
int skip_expr(char_u **pp, evalarg_T *evalarg);
int skip_expr_concatenate(char_u **arg, char_u **start, char_u **end, evalarg_T *evalarg);
char_u *typval2string(typval_T *tv, int convert);
@@ -34,8 +36,6 @@ int pattern_match(char_u *pat, char_u *text, int ic);
char_u *eval_next_non_blank(char_u *arg, evalarg_T *evalarg, int *getnext);
char_u *eval_next_line(char_u *arg, evalarg_T *evalarg);
char_u *skipwhite_and_linebreak(char_u *arg, evalarg_T *evalarg);
-void init_evalarg(evalarg_T *evalarg);
-void clear_evalarg(evalarg_T *evalarg, exarg_T *eap);
int eval0(char_u *arg, typval_T *rettv, exarg_T *eap, evalarg_T *evalarg);
int eval0_retarg(char_u *arg, typval_T *rettv, exarg_T *eap, evalarg_T *evalarg, char_u **retarg);
int eval1(char_u **arg, typval_T *rettv, evalarg_T *evalarg);
diff --git a/src/testdir/test_vim9_script.vim b/src/testdir/test_vim9_script.vim
index 56a39efcf79b..597e31ec1c26 100644
--- a/src/testdir/test_vim9_script.vim
+++ b/src/testdir/test_vim9_script.vim
@@ -1560,6 +1560,19 @@ def Test_func_redefine_fails()
v9.CheckScriptFailure(lines, 'E1073:')
enddef
+def Test_lambda_split()
+ # this was using freed memory, because of the split expression
+ var lines =<< trim END
+ vim9script
+ try
+ 0
+ 0->(0
+ ->a.0(
+ ->u
+ END
+ v9.CheckScriptFailure(lines, 'E1050:')
+enddef
+
def Test_fixed_size_list()
# will be allocated as one piece of memory, check that changes work
var l = [1, 2, 3, 4]
diff --git a/src/userfunc.c b/src/userfunc.c
index f612160fc872..e0bdc3fda911 100644
--- a/src/userfunc.c
+++ b/src/userfunc.c
@@ -1372,7 +1372,6 @@ get_lambda_tv(
char_u *start, *end;
int *old_eval_lavars = eval_lavars_used;
int eval_lavars = FALSE;
- char_u *tofree1 = NULL;
char_u *tofree2 = NULL;
int equal_arrow = **arg == '(';
int white_error = FALSE;
@@ -1457,12 +1456,6 @@ get_lambda_tv(
ret = skip_expr_concatenate(arg, &start, &end, evalarg);
if (ret == FAIL)
goto errret;
- if (evalarg != NULL)
- {
- // avoid that the expression gets freed when another line break follows
- tofree1 = evalarg->eval_tofree;
- evalarg->eval_tofree = NULL;
- }
if (!equal_arrow)
{
@@ -1585,10 +1578,6 @@ get_lambda_tv(
theend:
eval_lavars_used = old_eval_lavars;
- if (evalarg != NULL && evalarg->eval_tofree == NULL)
- evalarg->eval_tofree = tofree1;
- else
- vim_free(tofree1);
vim_free(tofree2);
if (types_optional)
ga_clear_strings(&argtypes);
@@ -1607,10 +1596,6 @@ get_lambda_tv(
}
vim_free(fp);
vim_free(pt);
- if (evalarg != NULL && evalarg->eval_tofree == NULL)
- evalarg->eval_tofree = tofree1;
- else
- vim_free(tofree1);
vim_free(tofree2);
eval_lavars_used = old_eval_lavars;
return FAIL;

3
patches/source/vim/vim-gvim.SlackBuild
View file

@ -32,7 +32,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=vim-gvim
VIMBRANCH=8.2
VERSION=$(echo vim-${VIMBRANCH}*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)
BUILD=${BUILD:-2_slack15.0}
BUILD=${BUILD:-3_slack15.0}
# The possible settings for this are yes/no/dynamic.
PERLINTERP=${PERLINTERP:-dynamic}
@ -115,6 +115,7 @@ find . \
zcat $CWD/CVE-2022-2816.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/CVE-2022-2817.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/CVE-2022-2819.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/CVE-2022-2889.patch.gz | patch -p1 --verbose || exit 1
config_vim --with-x --enable-gui=gtk3 || exit 1
make $NUMJOBS || make || exit 1

3
patches/source/vim/vim.SlackBuild
View file

@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=vim
VIMBRANCH=8.2
CTAGSVER=5.8
BUILD=${BUILD:-2_slack15.0}
BUILD=${BUILD:-3_slack15.0}
# The possible settings for this are yes/no/dynamic.
PERLINTERP=${PERLINTERP:-dynamic}
@ -156,6 +156,7 @@ find . \
zcat $CWD/CVE-2022-2816.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/CVE-2022-2817.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/CVE-2022-2819.patch.gz | patch -p1 --verbose || exit 1
zcat $CWD/CVE-2022-2889.patch.gz | patch -p1 --verbose || exit 1
config_vim --without-x --disable-gui || exit 1
make $NUMJOBS || make || exit 1

1
recompress.sh
View file

@ -1181,6 +1181,7 @@ gzip ./patches/source/python3/python3.distutils.x86_64.diff
gzip ./patches/source/seamonkey/autoconf/autoconf-2.13-consolidated_fixes-1.patch
gzip ./patches/source/seamonkey/doinst.sh
gzip ./patches/source/seamonkey/sm.ui.scrollToClick.diff
gzip ./patches/source/vim/CVE-2022-2889.patch
gzip ./patches/source/vim/CVE-2022-2819.patch
gzip ./patches/source/vim/ctags.use-conventional-unused-marker.patch
gzip ./patches/source/vim/vim.vimrc.diff