To: vim_dev@googlegroups.com Subject: Patch 8.2.5050 Fcc: outbox From: Bram Moolenaar Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ------------ Patch 8.2.5050 Problem: Using freed memory when searching for pattern in path. Solution: Make a copy of the line. Files: src/search.c, src/testdir/test_tagjump.vim *** ../vim-8.2.5049/src/search.c 2022-05-21 20:16:51.007567185 +0100 --- src/search.c 2022-06-01 15:19:32.199358924 +0100 *************** *** 3305,3310 **** --- 3305,3325 ---- } #if defined(FEAT_FIND_ID) || defined(PROTO) + + /* + * Get line "lnum" and copy it into "buf[LSIZE]". + * The copy is made because the regexp may make the line invalid when using a + * mark. + */ + static char_u * + get_line_and_copy(linenr_T lnum, char_u *buf) + { + char_u *line = ml_get(lnum); + + vim_strncpy(buf, line, LSIZE - 1); + return buf; + } + /* * Find identifiers or defines in included files. * If p_ic && compl_status_sol() then ptr must be in lowercase. *************** *** 3409,3415 **** end_lnum = curbuf->b_ml.ml_line_count; if (lnum > end_lnum) // do at least one line lnum = end_lnum; ! line = ml_get(lnum); for (;;) { --- 3424,3430 ---- end_lnum = curbuf->b_ml.ml_line_count; if (lnum > end_lnum) // do at least one line lnum = end_lnum; ! line = get_line_and_copy(lnum, file_line); for (;;) { *************** *** 3738,3744 **** { if (lnum >= end_lnum) goto exit_matched; ! line = ml_get(++lnum); } else if (vim_fgets(line = file_line, LSIZE, files[depth].fp)) --- 3753,3759 ---- { if (lnum >= end_lnum) goto exit_matched; ! line = get_line_and_copy(++lnum, file_line); } else if (vim_fgets(line = file_line, LSIZE, files[depth].fp)) *************** *** 3950,3956 **** { if (++lnum > end_lnum) break; ! line = ml_get(lnum); } already = NULL; } --- 3965,3971 ---- { if (++lnum > end_lnum) break; ! line = get_line_and_copy(lnum, file_line); } already = NULL; } *** ../vim-8.2.5049/src/testdir/test_tagjump.vim 2022-05-26 16:32:40.808137960 +0100 --- src/testdir/test_tagjump.vim 2022-06-01 15:10:57.348204592 +0100 *************** *** 1290,1295 **** --- 1290,1306 ---- close! endfunc + " this was using a line from ml_get() freed by the regexp + func Test_isearch_copy_line() + new + norm o + norm 0 + 0norm o + sil! norm bc0 + sil! isearch \%') + bwipe! + endfunc + " Test for :dsearch, :dlist, :djump and :dsplit commands " Test for [d, ]d, [D, ]D, [ CTRL-D, ] CTRL-D and CTRL-W d commands func Test_macro_search() *** ../vim-8.2.5049/src/version.c 2022-06-01 12:31:05.194803595 +0100 --- src/version.c 2022-06-01 15:20:42.355053866 +0100 *************** *** 736,737 **** --- 736,739 ---- { /* Add new patch number below this line */ + /**/ + 5050, /**/ -- WOMAN: I didn't know we had a king. I thought we were an autonomous collective. DENNIS: You're fooling yourself. We're living in a dictatorship. A self-perpetuating autocracy in which the working classes-- WOMAN: Oh there you go, bringing class into it again. DENNIS: That's what it's all about if only people would-- The Quest for the Holy Grail (Monty Python) /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// \\\ \\\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///