Received: by 2002:ab2:6a05:0:b0:1f8:1780:a4ed with SMTP id w5csp470420lqo;
        Fri, 10 May 2024 05:47:46 -0700 (PDT)
X-Forwarded-Encrypted: i=2; AJvYcCVyhN/laiZtSsrzsnC/lORYUwyKxpiX0SjyGXMhzz5ISHxk3beJ24MiQzyYW9fCVCzFnfNsUvSOr6WPo618oT3PzFtgw0VynMyeNmgvHA==
X-Google-Smtp-Source: AGHT+IFQ/yhmt+w51r+RceqvWtSvUEdGjn+fpZcqgRx2vYoC604csksQ4dNOFBhk8Qj7gNVNPBYs
X-Received: by 2002:a05:620a:14ad:b0:792:c199:d318 with SMTP id af79cd13be357-792c7573f36mr264051985a.12.1715345266068;
        Fri, 10 May 2024 05:47:46 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1715345266; cv=none;
        d=google.com; s=arc-20160816;
        b=lfIiHwEVxuJ1hqECvIzl1ChnMLjQ7rPLA8Frj/jYalqObJsb8N7+2hwNGCR0U7CtLT
         vlzj4QYpC7zncqqTKR9DsriWYCHbpUwEFBH66CsBOzcmIr5q91eYWQI/txJVQ+oEQQmn
         zCoraBz6VPhirpFBDiSzm5DPxC7XQm07cJs33oegShgKYCUOCcLildNYS1Yw6nZ0JNoN
         Fh49Xkcx4IcqG1bsr58kMtk1pxr2KjYkf6LSkssK2gPN1J6AJii/iTeUk1ApGIhUlotc
         1K5AY0VgpxSKCOWpDVBmcCt6QcQOrTM0TIdEgLBgobKojIFdhQ66y8PTZq7r02FckUw1
         6zaA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=subject:content-transfer-encoding:content-disposition:mime-version
         :message-id:cc:to:from:date:delivered-to:reply-to:list-id
         :list-subscribe:list-unsubscribe:list-help:list-post:precedence
         :mailing-list;
        bh=vIieL1SMwN3TC/bqErjdjb9VkL6xx+/OHYeGM1qDJ0Y=;
        fh=jvnWT+HSsesqXKX6oxtzVglT345/78eyEym0zJTooOE=;
        b=Mefms2T2YG4CNTQ2/vyBuVjTkCRtX9eb9dXcJyWeOGZTus5cDwilZ1CzPN+Eb4S/43
         oJSSUt5pdOQbHwx2UfekCxm6tm044uHsA2mWr1vPOW31Dq0u1bmms0m9D3f5v/2JRQJ+
         DS0W7XvXJLkYb2OShyhJ7lYZxnicNc9SY11XWixEaNMfGFDhA/yqoJXoVktzYWcf4gGL
         WKL+WJn70j1h77dRpts5HE1uBZxwKgdzxnQ5m8N2eJZHDhgne+xRzMcKzjPEnjPnyrMk
         eDmR7lGBYljgZvR+lNHm0E3o5iRlTLOvJaUCBPNZNtIl7nDFvMlL66LZK/c4+Pw+DsHU
         bprQ==;
        dara=google.com
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of oss-security-return-30142-linux.lists.archive=gmail.com@lists.openwall.com designates 193.110.157.125 as permitted sender) smtp.mailfrom="oss-security-return-30142-linux.lists.archive=gmail.com@lists.openwall.com";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=256bit.org
Return-Path: <oss-security-return-30142-linux.lists.archive=gmail.com@lists.openwall.com>
Received: from second.openwall.net (second.openwall.net. [193.110.157.125])
        by mx.google.com with SMTP id af79cd13be357-792bf277e03si384023185a.15.2024.05.10.05.47.45
        for <linux.lists.archive@gmail.com>;
        Fri, 10 May 2024 05:47:46 -0700 (PDT)
Received-SPF: pass (google.com: domain of oss-security-return-30142-linux.lists.archive=gmail.com@lists.openwall.com designates 193.110.157.125 as permitted sender) client-ip=193.110.157.125;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of oss-security-return-30142-linux.lists.archive=gmail.com@lists.openwall.com designates 193.110.157.125 as permitted sender) smtp.mailfrom="oss-security-return-30142-linux.lists.archive=gmail.com@lists.openwall.com";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=256bit.org
Received: (qmail 27680 invoked by uid 550); 10 May 2024 12:47:23 -0000
Mailing-List: contact oss-security-help@lists.openwall.com; run by ezmlm
Precedence: bulk
List-Post: <mailto:oss-security@lists.openwall.com>
List-Help: <mailto:oss-security-help@lists.openwall.com>
List-Unsubscribe: <mailto:oss-security-unsubscribe@lists.openwall.com>
List-Subscribe: <mailto:oss-security-subscribe@lists.openwall.com>
List-ID: <oss-security.lists.openwall.com>
Reply-To: oss-security@lists.openwall.com
Delivered-To: mailing list oss-security@lists.openwall.com
Received: (qmail 26612 invoked from network); 10 May 2024 12:47:23 -0000
Date: Fri, 10 May 2024 14:47:13 +0200
From: Christian Brabandt <cb@256bit.org>
To: oss-security@lists.openwall.com
Cc: lennard.hofmann@web.de
Message-ID: <Zj4XUd982lJXTh4u@256bit.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: cb@256bit.org
X-SA-Exim-Scanned: No (on 256bit.org); SAEximRunCond expanded to false
Subject: [oss-security] [vim-security] buffer-overlow in xxd with colored output < v9.1.0404

buffer overflow when outputting colored output in xxd
=====================================================
Date: 10.05.2024
Severity: Low

When outputting colored hexdumps using the -R command line flag, 
together with -g1 (group every byte), -c 256 (format 256 octets per 
line), -d (show offsets in decimal) and -o <large_numer> (add offset to 
the file position), the buffer used to write to may overflow.

Impact is low since the user must intentionally execute xxd with several 
non-default flags, but it may cause a crash of xxd.

The Vim project would like to thank github user Lennard Hofmann for 
reporting and fixing this issue in Vim patch 9.1.0404.

URLs: https://github.com/vim/vim/commit/67797191e039196128c69

Thanks,
Chris
-- 
Ein Torheit, über die viele Satiren gemacht worden und bei der jede
neue Satire verliert, ist in der Wirklichkeit desto komischer.
		-- Jean Paul