Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_vim / 65aee0b714e809b9f19862f3decd35055ed4de10^! / . / src
commit65aee0b714e809b9f19862f3decd35055ed4de10[log] [tgz]
authorBram Moolenaar <Bram@vim.org>Sun Jun 27 14:08:24 2021 +0200
committerBram Moolenaar <Bram@vim.org>Sun Jun 27 14:08:24 2021 +0200
tree9aaa368563c0481d5a14e29689cc856370e2fba9
parent4cd5c52d64a66ad1984d33462a40e0c6721ca232 [diff]
patch 8.2.3063: crash when switching 'cryptmethod' to xchaha20 with undo file

Problem:    Crash when switching 'cryptmethod' to xchaha20 with an existing
            undo file. (Martin Tournoij)
Solution:   Disable reading undo file when decoding can't be done inplace.
            (issue #8467)

diff --git a/src/bufwrite.c b/src/bufwrite.c
index c91bcd9..e480e57 100644
--- a/src/bufwrite.c
+++ b/src/bufwrite.c

@@ -494,14 +494,16 @@
 	if (crypt_works_inplace(ip->bw_buffer->b_cryptstate))
 	{
 # endif
-	    crypt_encode_inplace(ip->bw_buffer->b_cryptstate, buf, len, ip->bw_finish);
+	    crypt_encode_inplace(ip->bw_buffer->b_cryptstate, buf, len,
+								ip->bw_finish);
 # ifdef CRYPT_NOT_INPLACE
 	}
 	else
 	{
 	    char_u *outbuf;
 
-	    len = crypt_encode_alloc(curbuf->b_cryptstate, buf, len, &outbuf, ip->bw_finish);
+	    len = crypt_encode_alloc(curbuf->b_cryptstate, buf, len, &outbuf,
+								ip->bw_finish);
 	    if (len == 0)
 		return OK;  // Crypt layer is buffering, will flush later.
 	    wlen = write_eintr(ip->bw_fd, outbuf, len);
@@ -1980,10 +1982,18 @@
 	write_info.bw_start_lnum = start;
 
 #ifdef FEAT_PERSISTENT_UNDO
+	// TODO: if the selected crypt method prevents the undo file from being
+	// written, and existing undo file should be deleted.
 	write_undo_file = (buf->b_p_udf
 			    && overwriting
 			    && !append
 			    && !filtering
+# ifdef CRYPT_NOT_INPLACE
+			    // writing undo file requires
+			    // crypt_encode_inplace()
+			    && (curbuf->b_cryptstate == NULL
+				|| crypt_works_inplace(curbuf->b_cryptstate))
+# endif
 			    && reset_changed
 			    && !checking_conversion);
 	if (write_undo_file)

diff --git a/src/fileio.c b/src/fileio.c
index 7c8f00d..4bd773e 100644
--- a/src/fileio.c
+++ b/src/fileio.c

@@ -1298,9 +1298,17 @@
 		 * At start of file: Check for magic number of encryption.
 		 */
 		if (filesize == 0 && size > 0)
+		{
 		    cryptkey = check_for_cryptkey(cryptkey, ptr, &size,
 						  &filesize, newfile, sfname,
 						  &did_ask_for_key);
+# ifdef CRYPT_NOT_INPLACE
+		    if (curbuf->b_cryptstate != NULL
+				 && !crypt_works_inplace(curbuf->b_cryptstate))
+			// reading undo file requires crypt_decode_inplace()
+			read_undo_file = FALSE;
+# endif
+		}
 		/*
 		 * Decrypt the read bytes.  This is done before checking for
 		 * EOF because the crypt layer may be buffering.

diff --git a/src/version.c b/src/version.c
index e311104..1238a49 100644
--- a/src/version.c
+++ b/src/version.c

@@ -756,6 +756,8 @@
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    3063,
+/**/
     3062,
 /**/
     3061,