Simply reproducible sample:
test.vim
```
try
  throw 'excp'
catch
  "
endtry
fu! TimerFunc(...)
  echoerr 'oops'
endfu
call timer_start(1, 'TimerFunc')
```
vim -Nu test.vim
cause:
After the above try-catch-endtry finishes, "current_exception" is left as a
dangling pointer (already freed).
Theref
On Sun, 09 Jul 2017, Aron Griffis wrote:
>
>
> On Sun, Jul 9, 2017 at 3:24 PM, Dominique Pellé
> wrote:
>
> Can you reproduce the crash with valgrind? It may give
> useful information. Just run vim as:
>
> $ valgrind --num-callers=50 --track-origins=yes ./vim 2> vg.log
>
> an
On Sun, Jul 9, 2017 at 3:24 PM, Dominique Pellé
wrote:
>
> Can you reproduce the crash with valgrind? It may give
> useful information. Just run vim as:
>
> $ valgrind --num-callers=50 --track-origins=yes ./vim 2> vg.log
>
> and vg.log will contain useful info if you manage to reproduce the bug.
>
Oh and POC3 creates this backtrace:
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0x7426a3fa in __GI_abort () at abort.c:89
#2 0x742a6bd0 in __libc_message (do_abort=do_abort@entry=2,
fmt=fmt@entry=0x7439bdd0 "*** Error in `%s': %s: 0x%s ***\n"
Aron Griffis wrote:
> On Sun, Jul 9, 2017 at 3:06 PM, Aron Griffis wrote:
>>
>>
>>
>> On Sun, Jul 9, 2017 at 1:19 PM, Bram Moolenaar wrote:
>>>
>>>
>>> Aron Griffis wrote:
>>>
>>> > On Saturday, July 8, 2017 at 4:38:36 PM UTC-4, Bram Moolenaar wrote:
>>> > > Patch 8.0.0702
>>> > > Problem: A
On Sun, 09 Jul 2017, Bram Moolenaar wrote:
>
> James McCoy wrote:
>
> > A few issues were reported on RedHat's bug tracker[0] which have been
> > assigned CVE-2017-11109. I took an initial look at them and reduced the
> > fuzzer-created scripts so they're clearer (especially for POC2).
> >
> >
On Sun, Jul 9, 2017 at 3:17 PM, Aron Griffis wrote:
> In fact, I just rebuilt from pristine 702 source to make sure:
>
> $ CFLAGS=-ggdb ./configure --enable-gui=no --without-x
> $ make
> $ cd src
> $ gdb ./vim
> (gdb) run
>
> (change the content of .vim/background and .vim/scheme, cause segfault)
On Sun, Jul 9, 2017 at 3:06 PM, Aron Griffis wrote:
>
>
> On Sun, Jul 9, 2017 at 1:19 PM, Bram Moolenaar wrote:
>
>>
>> Aron Griffis wrote:
>>
>> > On Saturday, July 8, 2017 at 4:38:36 PM UTC-4, Bram Moolenaar wrote:
>> > > Patch 8.0.0702
>> > > Problem: An error in a timer can make Vim unusa
On Sun, Jul 9, 2017 at 1:19 PM, Bram Moolenaar wrote:
>
> Aron Griffis wrote:
>
> > On Saturday, July 8, 2017 at 4:38:36 PM UTC-4, Bram Moolenaar wrote:
> > > Patch 8.0.0702
> > > Problem: An error in a timer can make Vim unusable.
> > > Solution: Don't set the error flag or exception from a
On Sun, 09 Jul 2017, Dominique Pellé wrote:
> Bram Moolenaar wrote:
>
> > Aron Griffis wrote:
> >
> >> On Saturday, July 8, 2017 at 4:38:36 PM UTC-4, Bram Moolenaar wrote:
> >> > Patch 8.0.0702
> >> > Problem: An error in a timer can make Vim unusable.
> >> > Solution: Don't set the error f
Bram Moolenaar wrote:
> Aron Griffis wrote:
>
>> On Saturday, July 8, 2017 at 4:38:36 PM UTC-4, Bram Moolenaar wrote:
>> > Patch 8.0.0702
>> > Problem: An error in a timer can make Vim unusable.
>> > Solution: Don't set the error flag or exception from a timer. Stop a
>> > timer
>> >
Bram Moolenaar wrote:
> James McCoy wrote:
>
>> A few issues were reported on RedHat's bug tracker[0] which have been
>> assigned CVE-2017-11109. I took an initial look at them and reduced the
>> fuzzer-created scripts so they're clearer (especially for POC2).
>>
>> [0]: https://bugzilla.redhat.
James McCoy wrote:
> A few issues were reported on RedHat's bug tracker[0] which have been
> assigned CVE-2017-11109. I took an initial look at them and reduced the
> fuzzer-created scripts so they're clearer (especially for POC2).
>
> [0]: https://bugzilla.redhat.com/show_bug.cgi?id=1468492
>
Aron Griffis wrote:
> On Saturday, July 8, 2017 at 4:38:36 PM UTC-4, Bram Moolenaar wrote:
> > Patch 8.0.0702
> > Problem: An error in a timer can make Vim unusable.
> > Solution: Don't set the error flag or exception from a timer. Stop a
> > timer
> > if it causes an error 3 o
On Saturday, July 8, 2017 at 4:38:36 PM UTC-4, Bram Moolenaar wrote:
> Patch 8.0.0702
> Problem: An error in a timer can make Vim unusable.
> Solution: Don't set the error flag or exception from a timer. Stop a timer
> if it causes an error 3 out of 3 times. Discard an exception
Patch 8.0.0704
Problem: Problems with autocommands when opening help.
Solution: Avoid using invalid "varp" value. Allow using :wincmd if buffer
is locked. (closes #1806, closes #1804)
Files: src/option.c, src/ex_cmds.h
*** ../vim-8.0.0703/src/option.c2017-07-07 11:
Hi
I looked at this old item in todo.txt:
===
Illegal memory access, requires ASAN to see. (Dominique Pelle, 2015 Jul 28)
===
I can still reproduce it with the latest vim-8.0.703
built with asan. I found this simpler way to reproduce it:
$ vim -u NONE -c'set re=1' -c"call setline(1,'x')" -c
James McCoy wrote:
> A few issues were reported on RedHat's bug tracker[0] which have been
> assigned CVE-2017-11109. I took an initial look at them and reduced the
> fuzzer-created scripts so they're clearer (especially for POC2).
>
> [0]: https://bugzilla.redhat.com/show_bug.cgi?id=1468492
>
Patch 8.0.0703
Problem: Illegal memory access with empty :doau command.
Solution: Check the event for being out of range. (James McCoy)
Files: src/testdir/test_autocmd.vim, src/fileio.c
*** ../vim-8.0.0702/src/testdir/test_autocmd.vim2017-03-21
15:50:03.713154799 +0100
--- src