File CVE-2017-6349.patch of Package vim
Index: vim74/src/undo.c
===================================================================
--- vim74.orig/src/undo.c
+++ vim74/src/undo.c
@@ -1744,7 +1744,8 @@ u_read_undo(name, hash, orig_name)
* When there are no headers uhp_table is NULL. */
if (num_head > 0)
{
- uhp_table = (u_header_T **)U_ALLOC_LINE(
+ if (num_head < LONG_MAX / (long)sizeof(u_header_T *))
+ uhp_table = (u_header_T **)U_ALLOC_LINE(
num_head * sizeof(u_header_T *));
if (uhp_table == NULL)
goto error;