Submission #497546: VIM vim 68d08588928b29fe0b19e3513cd689486260ab1c illegal read access

Information

Title: VIM vim 68d08588928b29fe0b19e3513cd689486260ab1c illegal read access

Description: Vim crashes when the path specified by the --log option is inaccessible.

**Steps to reproduce**

1. Compile vim (commit id: 68d0858) with "-g" option.
2. Run cmd vim --log /path/to/file

**Expected behaviour**

vim exited with a 'failed to open log file' error.

**Version of Vim**

68d0858

**Environment**

vim detail version

```
VIM - Vi IMproved 9.1 (2024 Jan 02, compiled Feb 10 2025 14:21:36)
Included patches: 1-1094
Compiled by swj@amax
Huge version without GUI. Features included (+) or not (-):
+acl +clientserver +diff +folding +langmap +mouse_dec +num64 +reltime +syntax +title +wildmenu
+arabic +clipboard +digraphs -footer +libcall -mouse_gpm +packages +rightleft +tag_binary -toolbar +windows
+autocmd +cmdline_compl -dnd +fork() +linebreak -mouse_jsbterm +path_extra -ruby -tag_old_static +user_commands +writebackup
+autochdir +cmdline_hist -ebcdic +gettext +lispindent +mouse_netterm -perl +scrollbind -tag_any_white +vartabs +X11
-autoservername +cmdline_info +emacs_tags -hangul_input +listcmds +mouse_sgr +persistent_undo +signs -tcl +vertsplit +xattr
-balloon_eval +comments +eval +iconv +localmap -mouse_sysmouse +popupwin +smartindent +termguicolors +vim9script +xfontset
+balloon_eval_term +conceal +ex_extra +insert_expand -lua +mouse_urxvt +postscript -sodium +terminal +viminfo -xim
-browse +cryptv +extra_search +ipv6 +menu +mouse_xterm +printer -sound +terminfo +virtualedit -xpm
++builtin_terms +cscope -farsi +job +mksession +multi_byte +profile +spell +termresponse +visual +xsmp_interact
+byte_offset +cursorbind +file_in_path +jumplist +modify_fname +multi_lang -python +startuptime +textobjects +visualextra +xterm_clipboard
+channel +cursorshape +find_in_path +keymap +mouse -mzscheme -python3 +statusline +textprop +vreplace -xterm_save
+cindent +dialog_con +float +lambda -mouseshape +netbeans_intg +quickfix -sun_workshop +timers +wildignore
system vimrc file: "$VIM/vimrc"
user vimrc file: "$HOME/.vimrc"
2nd user vimrc file: "/.vim/vimrc"
3rd user vimrc file: "/.config/vim/vimrc"
user exrc file: "$HOME/.exrc"
defaults file: "$VIMRUNTIME/defaults.vim"
fall-back for $VIM: "/data/swj/optfuzz/benchmark/vim/bins/share/vim"
Compilation: gcc -c -I. -Iproto -DHAVE_CONFIG_H -fsanitize=address -g -D_REENTRANT -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1
Linking: gcc -fsanitize=address -g -L/usr/local/lib -Wl,--as-needed -o vim -lSM -lICE -lXt -lX11 -lXdmcp -lSM -lICE -lm -ltinfo -lselinux -ldl
```

**os version**

```
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.6 LTS
Release: 20.04
Codename: focal
```

**Logs and stack traces**

```
(base) swj@amax /data/swj/optfuzz/benchmark/vim (master?) $ gdb /data/swj/optfuzz/benchmark/vim/bins/bin/vim
GNU gdb (Ubuntu 9.2-0ubuntu1~20.04.2) 9.2
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /data/swj/optfuzz/benchmark/vim/bins/bin/vim...
(gdb) r --log /path/to/log
Starting program: /data/swj/optfuzz/benchmark/vim/bins/bin/vim --log /path/to/log
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x0000555555ef745c in get_emsg_lnum () at message.c:521
521 if (SOURCING_NAME != NULL
(gdb) bt
#0 0x0000555555ef745c in get_emsg_lnum () at message.c:521
#1 0x0000555555ef77be in msg_source (attr=0) at message.c:558
#2 0x0000555555ef8936 in emsg_core (s=0x555556143680 <e_cant_open_file_str> "E484: Can't open file %s") at message.c:784
#3 0x0000555555ef8b73 in semsg (s=0x555556143680 <e_cant_open_file_str> "E484: Can't open file %s") at message.c:829
#4 0x00005555559900aa in ch_logfile (fname=0x7fffffffe4ba "/path/to/log", opt=0x555555fe2880 "ao") at logfile.c:51
#5 0x0000555555ee6687 in main (argc=3, argv=0x7fffffffe178) at main.c:161
```
Source: https://github.com/vim/vim/issues/16606
User: wenjusun (UID 80422)
Submitted: 10/02/2025 02:57 PM (1 year ago)
Moderation: 10/02/2025 11:56 PM (9 hours later)
Status: Accepted
VulDB entry: 295174 [vim up to 9.1.1096 src/main.c --log memory corruption]
Points: 20
