Hi
afl-fuzz found that command :helpt {dir} leaks memory
in Vim-7.4.909 when the directory argument does not
exist (E150). Valgrind says:
==4962== 2 bytes in 1 blocks are definitely lost in loss record 1 of 125
==4962== at 0x4C2AB80: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==4962== by 0x4E27E3: lalloc (misc2.c:921)
==4962== by 0x4E26F1: alloc (misc2.c:820)
==4962== by 0x4E2BF4: vim_strsave (misc2.c:1246)
==4962== by 0x486B15: ExpandOne (ex_getln.c:3686)
==4962== by 0x460C19: ex_helptags (ex_cmds.c:6572)
==4962== by 0x46E052: do_one_cmd (ex_docmd.c:2961)
==4962== by 0x46AD47: do_cmdline (ex_docmd.c:1133)
==4962== by 0x46A383: do_cmdline_cmd (ex_docmd.c:738)
==4962== by 0x5DD77A: exe_commands (main.c:2926)
==4962== by 0x5DAD5C: main (main.c:961)
Leak can be reproduced with:
$ vim -u NONE -c 'helpt@'
Attached patch fixes it.
Regards
Dominique
diff --git a/src/ex_cmds.c b/src/ex_cmds.c
index b23f158..c2b600c 100644
--- a/src/ex_cmds.c
+++ b/src/ex_cmds.c
@@ -6574,6 +6574,7 @@ ex_helptags(eap)
if (dirname == NULL || !mch_isdir(dirname))
{
EMSG2(_("E150: Not a directory: %s"), eap->arg);
+ vim_free(dirname);
return;
}
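Review bot: The added vim_free(dirname) in the E150 branch is also reached with dirname == NULL, because the guard is "dirname == NULL || !mch_isdir(dirname)", so the fix depends on vim_free() accepting a NULL pointer; please confirm that or note it in the commit message. Placing the free after EMSG2 is fine here since the message prints eap->arg rather than dirname. The hunk only covers this one early return, so it is worth checking that every later exit path in ex_helptags also releases the string returned by ExpandOne, and rerunning the reproducer from the report (vim -u NONE -c 'helpt@') under Valgrind to confirm the "definitely lost" record is gone.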