buffer overflow when outputting colored output in xxd
=====================================================
Date: 10.05.2024
Severity: Low
When outputting colored hexdumps using the -R command line flag,
together with -g1 (group every byte), -c 256 (format 256 octets per
line), -d (show offsets in decimal) and -o <large_numer> (add offset to
the file position), the buffer used to write to may overflow.
Impact is low since the user must intentionally execute xxd with several
non-default flags, but it may cause a crash of xxd.
The Vim project would like to thank github user Lennard Hofmann for
reporting and fixing this issue in Vim patch 9.1.0404.
URLs: https://github.com/vim/vim/commit/67797191e039196128c69
Thanks,
Chris
--
Ein Torheit, über die viele Satiren gemacht worden und bei der jede
neue Satire verliert, ist in der Wirklichkeit desto komischer.
-- Jean Paul