CVE-2022-0128 vim is vulnerable to Out-of-bounds Read
It happens when you run commands such as visual block, visual selection, visual selection with motion, etc. When you are working in vim, you might have noticed that it is quite hard to find out which line of a particular file you are editing. If you are working on a large project with many files, it becomes difficult to identify the line you are editing.
You might also have come across a situation where you want to go back in your file and find a particular line. When you are editing a large project in vim, you might want to go back and find the one line where you made some changes, and it is quite difficult to find out which line that was. One important thing to keep in mind is that you should never try to edit a file in vim that has a large file size.
As a rule of thumb, never edit a file in vim if its size is more than 2-3 MB. The reason is that if the file is too large, it might take some time for vim to load it, which might result in errors. Another important thing to keep in mind is never to edit a file that contains a large number of lines. The more lines the file contains, the more time it will take for vim to load it. When you are trying to find a particular line, it will be difficult to do so if the file size of the file is
How to Find Which Line You Are Editing?
vim provides a mechanism to go back and find out which line you are editing. This is done by using the G command. This will allow vim to jump back in the file and show you which line you have currently edited.
The G command can be used either from normal mode or from visual mode. To use it in normal mode, type "G", followed by the number of lines that exist in the file, such as: "5G" or "3G". The G command will take vim down to the specified line and then move back up to where your cursor is currently positioned.
To use it in visual mode, type "vG" followed by the number of lines that exist in the file, such as: "v5G" or "v3G". The G command will take vim down to the specified line and then move back up to where your cursor is currently positioned.
How to navigate to a particular line in vim?
If you want to navigate to the particular line in a file where you made changes, it is quite easy to do so. This can be done by using the command ":%s/old-line/new-line". In this command, "/old-line/new-line" will search for a particular line in the file. If you find the line where your changes have been made, vim will automatically jump to that line after the command has been executed.
Another way of going about this is by using the command "\
vim: set filetype=vim:im
Install VCS plugins
The following editors work well with vim.
Atom: https://atom.io/packages/unite-vsftp
Vim: https://github.com/tpope/vim-plug
What is visual block mode?
Visual block mode is a feature of vim. This also happens when you run commands such as visual block, visual selection, visual selection with motion, etc. When you are working in vim, you might have noticed that it is quite difficult to find out which line of a particular file you are editing. If you are working on a large project with many files, it becomes difficult to identify the line you are editing.
You might also have come across a situation where you want to go back in your file and find a particular line. When you are editing a large project in vim, you might want to go back and find the one line where you made some changes, and it is quite difficult to find out which line that was. One important thing to keep in mind: never try to edit a file in vim when its size is more than 2-3 MB and it contains a large number of lines, because this will result in errors during load time or speed up your computer's performance due to slow load times.
Timeline
Published on: 01/06/2022 17:15:00 UTC
Last modified on: 08/21/2022 06:15:00 UTC
References
- https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a
- https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba
- http://www.openwall.com/lists/oss-security/2022/01/15/1
- https://support.apple.com/kb/HT213183
- http://seclists.org/fulldisclosure/2022/Mar/29
- https://support.apple.com/kb/HT213256
- http://seclists.org/fulldisclosure/2022/May/35
- https://support.apple.com/kb/HT213343
- http://seclists.org/fulldisclosure/2022/Jul/14
- https://security.gentoo.org/glsa/202208-32
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0128