File CVE-2017-6349.patch of Package vim

Index: vim74/src/undo.c
===================================================================
--- vim74.orig/src/undo.c
+++ vim74/src/undo.c
@@ -1744,7 +1744,8 @@ u_read_undo(name, hash, orig_name)
      * When there are no headers uhp_table is NULL. */
     if (num_head > 0)
     {
-	uhp_table = (u_header_T **)U_ALLOC_LINE(
+    if (num_head < LONG_MAX / (long)sizeof(u_header_T *))
+	    uhp_table = (u_header_T **)U_ALLOC_LINE(
 					     num_head * sizeof(u_header_T *));
 	if (uhp_table == NULL)
 	    goto error;
openSUSE Build Service is sponsored by