Commit: patch 9.0.2115: crash when callback function aborts because of recursiveness

Christian Brabandt

Nov 19, 2023, 5:00:15 AM
to vim...@googlegroups.com
patch 9.0.2115: crash when callback function aborts because of recursiveness

Commit: https://github.com/vim/vim/commit/6701abfb522ec1d2ac18a04495ea874b94496ca6
Author: Christian Brabandt <c...@256bit.org>
Date: Sun Nov 19 10:52:50 2023 +0100

patch 9.0.2115: crash when callback function aborts because of recursiveness

Problem: crash when callback function aborts because of recursiveness
Solution: correctly initialize rettv

Initialize rettv in invoke_popup_callback()

Since v9.0.2030, call_callback may exit early when the callback recurses
too much. This meant that call_func, which would set rettv->v_type =
VAR_UNKNOWN, was not being called.

Without rettv->v_type being explicitly set, it still contained whatever
garbage was used to initialize the stack value in invoke_popup_callback.
This would lead to possible crashes when calling clear_tv(&rettv).

Rather than rely on action at a distance, explicitly initialize rettv's
type to VAR_UNKNOWN so clear_tv can tell nothing needs to be done.

closes: #13495
closes: #13545
Signed-off-by: James McCoy <jame...@jamessan.com>
Signed-off-by: Christian Brabandt <c...@256bit.org>

diff --git a/src/popupwin.c b/src/popupwin.c
index de604858c..64bb0b5be 100644
--- a/src/popupwin.c
+++ b/src/popupwin.c
@@ -2382,6 +2382,8 @@ invoke_popup_callback(win_T *wp, typval_T *result)
typval_T rettv;
typval_T argv[3];

+ rettv.v_type = VAR_UNKNOWN;
+
argv[0].v_type = VAR_NUMBER;
argv[0].vval.v_number = (varnumber_T)wp->w_id;

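Review bot: setting rettv.v_type = VAR_UNKNOWN at the top of invoke_popup_callback() protects only this caller, while the commit message locates the cause in call_callback returning early before call_func sets rettv->v_type. Any other caller that passes a stack typval_T to call_callback and then runs clear_tv on it would be exposed in the same way, so it is worth auditing those callers or also setting rettv->v_type = VAR_UNKNOWN on call_callback's early-return path. The patch also adds no test; a regression test that drives a popup callback into the recursion limit would keep this from coming back.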
diff --git a/src/version.c b/src/version.c
index 2a0a6e77d..5dbfc5d08 100644
--- a/src/version.c
+++ b/src/version.c
@@ -704,6 +704,8 @@ static char *(features[]) =

static int included_patches[] =
{ /* Add new patch number below this line */
+/**/
+ 2115,
/**/
2114,
/**/