patch 9.0.1873: [security] heap-buffer-overflow in vim_regsub_both Problem: heap-buffer-overflow in vim_regsub_both Solution: Disallow exchanging windows when textlock is active Signed-off-by: Christian Brabandt <cb@256bit.org>

commit: f6d28fe2c95c678cc3202cc5dc825a3fcc709e93 [log] [tgz]
author: Christian Brabandt <cb@256bit.org> Tue Sep 05 20:18:06 2023 +0200
committer: Christian Brabandt <cb@256bit.org> Tue Sep 05 20:18:06 2023 +0200
tree: a0acea7e99632dae8fd280bdadf932fc59435b2b
parent: d2a08ba0fa4a25f31cee9d9f33b0aa8237227387 [diff] [blame]
diff --git a/src/ex_cmds.c b/src/ex_cmds.c
index 4f1d932..566ed7d 100644
--- a/src/ex_cmds.c
+++ b/src/ex_cmds.c

@@ -4519,6 +4519,9 @@
 		{
 		    nmatch = curbuf->b_ml.ml_line_count - sub_firstlnum + 1;
 		    skip_match = TRUE;
+		    // safety check
+		    if (nmatch < 0)
+			goto skip;
 		}
 
 		// Need room for:
commit	f6d28fe2c95c678cc3202cc5dc825a3fcc709e93	[log] [tgz]
author	Christian Brabandt <cb@256bit.org>	Tue Sep 05 20:18:06 2023 +0200
committer	Christian Brabandt <cb@256bit.org>	Tue Sep 05 20:18:06 2023 +0200
tree	a0acea7e99632dae8fd280bdadf932fc59435b2b
parent	d2a08ba0fa4a25f31cee9d9f33b0aa8237227387 [diff] [blame]