patch 8.2.3247: using uninitialized memory when checking for crypt method
Problem: Using uninitialized memory when checking for crypt method.
Solution: Check the header length before using the salt and seed.
diff --git a/src/fileio.c b/src/fileio.c
index 81a7b50..eb46f1f 100644
--- a/src/fileio.c
+++ b/src/fileio.c
@@ -2917,15 +2917,16 @@
{
int header_len;
- curbuf->b_cryptstate = crypt_create_from_header(
- method, cryptkey, ptr);
- crypt_set_cm_option(curbuf, method);
-
- // Remove cryptmethod specific header from the text.
header_len = crypt_get_header_len(method);
if (*sizep <= header_len)
// invalid header, buffer can't be encrypted
return NULL;
+
+ curbuf->b_cryptstate = crypt_create_from_header(
+ method, cryptkey, ptr);
+ crypt_set_cm_option(curbuf, method);
+
+ // Remove cryptmethod specific header from the text.
*filesizep += header_len;
*sizep -= header_len;
mch_memmove(ptr, ptr + header_len, (size_t)*sizep);
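Review bot: Nothing in the new code records that the `*sizep <= header_len` check has to stay ahead of `crypt_create_from_header(method, cryptkey, ptr)`, so a later tidy-up could move the call back up and reintroduce the read past the end of the data. Going by the commit message, that call reads the salt and seed from `ptr`, so I would add a comment above the length check such as `// Must come before crypt_create_from_header(): it reads the salt and seed from ptr.` The existing `// invalid header` comment sits between the unbraced `if` and its `return NULL;`, so bracing that body would make the guard harder to break when editing. The enclosing function starts and ends outside this hunk, so it is not visible whether `cryptkey` is owned by this function and needs to be cleared and freed on the early `return NULL` path; that is worth confirming.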