Patch 9.0.0490
Problem: Using freed memory with cmdwin and BufEnter autocmd.
Solution: Make sure pointer to b_p_iminsert is still valid.
Files: src/ex_getln.c, src/testdir/test_cmdwin.vim
*** ../vim-9.0.0489/src/ex_getln.c 2022-09-15 12:43:20.472321987 +0100
--- src/ex_getln.c 2022-09-17 19:40:57.182604181 +0100
***************
*** 1587,1592 ****
--- 1587,1593 ----
#endif
expand_T xpc;
long *b_im_ptr = NULL;
+ buf_T *b_im_ptr_buf = NULL; // buffer where b_im_ptr is valid
cmdline_info_T save_ccline;
int did_save_ccline = FALSE;
int cmdline_type;
***************
*** 1683,1688 ****
--- 1684,1690 ----
b_im_ptr = &curbuf->b_p_iminsert;
else
b_im_ptr = &curbuf->b_p_imsearch;
+ b_im_ptr_buf = curbuf;
if (*b_im_ptr == B_IMODE_LMAP)
State |= MODE_LANGMAP;
#ifdef HAVE_INPUT_METHOD
***************
*** 2034,2040 ****
goto cmdline_not_changed;
case Ctrl_HAT:
! cmdline_toggle_langmap(b_im_ptr);
goto cmdline_not_changed;
// case '@': only in very old vi
--- 2036,2043 ----
goto cmdline_not_changed;
case Ctrl_HAT:
! cmdline_toggle_langmap(
! buf_valid(b_im_ptr_buf) ? b_im_ptr : NULL);
goto cmdline_not_changed;
// case '@': only in very old vi
***************
*** 2544,2550 ****
#endif
#ifdef HAVE_INPUT_METHOD
! if (b_im_ptr != NULL && *b_im_ptr != B_IMODE_LMAP)
im_save_status(b_im_ptr);
im_set_active(FALSE);
#endif
--- 2547,2554 ----
#endif
#ifdef HAVE_INPUT_METHOD
! if (b_im_ptr != NULL && buf_valid(b_im_ptr_buf)
! && *b_im_ptr != B_IMODE_LMAP)
im_save_status(b_im_ptr);
im_set_active(FALSE);
#endif
*** ../vim-9.0.0489/src/testdir/test_cmdwin.vim 2022-09-08 16:39:16.912140162
+0100
--- src/testdir/test_cmdwin.vim 2022-09-17 19:34:07.871491120 +0100
***************
*** 378,382 ****
--- 378,392 ----
call assert_equal('" bar', @:)
endfunc
+ " This was using a pointer to a freed buffer
+ func Test_cmdwin_freed_buffer_ptr()
+ au BufEnter * next 0| file
+ edit 0
+ silent! norm q/
+
+ au! BufEnter
+ bwipe!
+ endfunc
+
" vim: shiftwidth=2 sts=2 expandtab
*** ../vim-9.0.0489/src/version.c 2022-09-17 18:57:32.504190040 +0100
--- src/version.c 2022-09-17 19:38:08.426952729 +0100
***************
*** 705,706 ****
--- 705,708 ----
{ /* Add new patch number below this line */
+ /**/
+ 490,
/**/
--
>From "know your smileys":
<>:-) Bishop
/// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\
/// \\\
\\\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/vim_dev/20220917184352.4290A1C0852%40moolenaar.net.
