Xavier de Gaye wrote:
> Problem:
> As a workaround to the netbeans bug fixed by Vim 7.3.060 (Netbeans:
> crash when socket is disconnected unexpectedly), pyclewn sends a
> 'DETACH' netbeans message to terminate the netbeans session instead of
> just closing the socket. This causes Vim to crash when running the new
> 'test_bp_restored_after_detach' test from the 'pdb' pyclewn test
> suite.
>
> The crash does not occur when vim is run interactively or when vim
> is run under the control of gdb, only with this automated test.
>
>
> Description:
> See the gdb back trace below.
>
> 1. the function netbeans_parse_messages() processes a node whose
> content is:
>
> node->buffer: "DETACH\n4:removeAnno!115 1\n"
>
> 2. node->buffer is split with 'p' at netbeans.c:681, since
> node->buffer contains two messages then we have (*p != NUL)
>
> 3. nb_parse_cmd() at netbeans.c:689 processes the 'DETACH' message
> that frees all the netbeans data structures
>
> 4. after returning from nb_parse_cmd(), 'p' has become a pointer to
> invalidated data; it occurs that it is pointing to a NUL character,
> hence the call to vim_free at netbeans.c:694 that crashes Vim
> since node->buffer had already been freed by the call to
> nb_parse_cmd('DETACH')
>
>
> Patch:
> See the attached patch on Vim 7.3.069.
Thanks, I'll look into this soon.
--
ARTHUR: What are you going to do. bleed on me?
"Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD
/// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
