Patch 9.0.0554

[Bram Moolenaar]

Patch 9.0.0554
Problem: Using freed memory when command follows lambda.
Solution: Don't free what is still in use. (closes #11201)
Files: src/vim9expr.c, src/eval.c, src/testdir/test_vim9_func.vim


*** ../vim-9.0.0553/src/vim9expr.c 2022-09-19 16:08:01.428998441 +0100
--- src/vim9expr.c 2022-09-23 11:45:51.617141153 +0100
***************
*** 522,531 ****
{
type = lvar.lv_type;
idx = lvar.lv_idx;
- outer_loop_depth = lvar.lv_loop_depth;
- outer_loop_idx = lvar.lv_loop_idx;
if (lvar.lv_from_outer != 0)
gen_load_outer = lvar.lv_from_outer;
else
gen_load = TRUE;
}
--- 522,533 ----
{
type = lvar.lv_type;
idx = lvar.lv_idx;
if (lvar.lv_from_outer != 0)
+ {
gen_load_outer = lvar.lv_from_outer;
+ outer_loop_depth = lvar.lv_loop_depth;
+ outer_loop_idx = lvar.lv_loop_idx;
+ }
else
gen_load = TRUE;
}
***************
*** 1096,1101 ****
--- 1098,1104 ----

*arg = ((char_u **)cctx->ctx_ufunc->uf_lines.ga_data)[cctx->ctx_lnum]
+ off;
+ evalarg.eval_using_cmdline = FALSE;
}

clear_evalarg(&evalarg, NULL);
*** ../vim-9.0.0553/src/eval.c 2022-09-22 21:35:16.041424474 +0100
--- src/eval.c 2022-09-23 12:24:14.103560463 +0100
***************
*** 382,404 ****
{
if (evalarg != NULL)
{
! if (evalarg->eval_tofree != NULL)
{
if (eap != NULL)
{
// We may need to keep the original command line, e.g. for
! // ":let" it has the variable names. But we may also need the
! // new one, "nextcmd" points into it. Keep both.
vim_free(eap->cmdline_tofree);
eap->cmdline_tofree = *eap->cmdlinep;
! *eap->cmdlinep = evalarg->eval_tofree;
}
else
vim_free(evalarg->eval_tofree);
evalarg->eval_tofree = NULL;
}

! ga_clear_strings(&evalarg->eval_tofree_ga);
VIM_CLEAR(evalarg->eval_tofree_lambda);
}
}
--- 382,415 ----
{
if (evalarg != NULL)
{
! garray_T *etga = &evalarg->eval_tofree_ga;
!
! if (evalarg->eval_tofree != NULL || evalarg->eval_using_cmdline)
{
if (eap != NULL)
{
// We may need to keep the original command line, e.g. for
! // ":let" it has the variable names. But we may also need
! // the new one, "nextcmd" points into it. Keep both.
vim_free(eap->cmdline_tofree);
eap->cmdline_tofree = *eap->cmdlinep;
!
! if (evalarg->eval_using_cmdline && etga->ga_len > 0)
! {
! // "nextcmd" points into the last line in eval_tofree_ga,
! // need to keep it around.
! --etga->ga_len;
! *eap->cmdlinep = ((char_u **)etga->ga_data)[etga->ga_len];
! }
! else
! *eap->cmdlinep = evalarg->eval_tofree;
}
else
vim_free(evalarg->eval_tofree);
evalarg->eval_tofree = NULL;
}

! ga_clear_strings(etga);
VIM_CLEAR(evalarg->eval_tofree_lambda);
}
}
*** ../vim-9.0.0553/src/testdir/test_vim9_func.vim 2022-09-22 22:03:11.256114607 +0100
--- src/testdir/test_vim9_func.vim 2022-09-23 12:31:25.687752039 +0100
***************
*** 1515,1520 ****
--- 1515,1534 ----
v9.CheckDefAndScriptFailure(lines, 'E488: Trailing characters: | echo')
enddef

+ def Test_lambda_with_following_cmd()
+ var lines =<< trim END
+ set ts=2
+ var Lambda = () => {
+ set ts=4
+ } | set ts=3
+ assert_equal(3, &ts)
+ Lambda()
+ assert_equal(4, &ts)
+ END
+ v9.CheckDefAndScriptSuccess(lines)
+ set ts=8
+ enddef
+
def Test_pass_legacy_lambda_to_def_func()
var lines =<< trim END
vim9script
*** ../vim-9.0.0553/src/version.c 2022-09-22 22:03:11.256114607 +0100
--- src/version.c 2022-09-23 12:27:27.523652112 +0100
***************
*** 701,702 ****
--- 701,704 ----
{ /* Add new patch number below this line */
+ /**/
+ 554,
/**/

--
Amazing but true: If all the salmon caught in Canada in one year were laid
end to end across the Sahara Desert, the smell would be absolutely awful.

/// Bram Moolenaar -- Br...@Moolenaar.net -- http://www.Moolenaar.net \\\
/// \\\
\\\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///