updated for version 7.4.009

Problem:    When a file was not decrypted (yet), writing it may destroy the
            contents.
Solution:   Mark the file as readonly until decryption was done. (Christian
            Brabandt)

diff --git a/src/fileio.c b/src/fileio.c
index b48a83a3cdce30c44c3bdb741fbbe922ef28ff6b..010d933a12693f79cbb091bd4a5bf383578753a0 100644 (file)
--- a/src/fileio.c
+++ b/src/fileio.c
@@ -2926,9 +2926,14 @@ check_for_cryptkey(cryptkey, ptr, sizep, filesizep, newfile, fname, did_ask)
     int                *did_ask;       /* flag: whether already asked for key */
 {
     int method = crypt_method_from_magic((char *)ptr, *sizep);
+    int b_p_ro = curbuf->b_p_ro;
 
     if (method >= 0)
     {
+       /* Mark the buffer as read-only until the decryption has taken place.
+        * Avoids accidentally overwriting the file with garbage. */
+       curbuf->b_p_ro = TRUE;
+
        set_crypt_method(curbuf, method);
        if (method > 0)
            (void)blowfish_self_test();
@@ -2977,6 +2982,8 @@ check_for_cryptkey(cryptkey, ptr, sizep, filesizep, newfile, fname, did_ask)
            *sizep -= CRYPT_MAGIC_LEN + salt_len + seed_len;
            mch_memmove(ptr, ptr + CRYPT_MAGIC_LEN + salt_len + seed_len,
                                                              (size_t)*sizep);
+           /* Restore the read-only flag. */
+           curbuf->b_p_ro = b_p_ro;
        }
     }
     /* When starting to edit a new file which does not have encryption, clear

diff --git a/src/version.c b/src/version.c
index 22fc9b961b9ec378e490a496140f42a8c8612278..9b5343e9d6a48ef838fcc406ce65a1ff22692c22 100644 (file)
--- a/src/version.c
+++ b/src/version.c
@@ -727,6 +727,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    9,
 /**/
     8,
 /**/