Patch 8.2.4646

10 views

Skip to first unread message

Bram Moolenaar

unread,

Mar 29, 2022, 8:25:45 AM3/29/22

to vim...@googlegroups.com

Patch 8.2.4646
Problem: Using buffer line after it has been freed in old regexp engine.
Solution: After getting mark get the line again.
Files: src/regexp_bt.c, src/testdir/test_regexp_latin.vim

*** ../vim-8.2.4645/src/regexp_bt.c 2022-02-22 13:37:26.339255247 +0000
--- src/regexp_bt.c 2022-03-29 13:23:59.104008292 +0100
***************
*** 3360,3367 ****
--- 3360,3376 ----
int mark = OPERAND(scan)[0];
int cmp = OPERAND(scan)[1];
pos_T *pos;
+ size_t col = REG_MULTI ? rex.input - rex.line : 0;

pos = getmark_buf(rex.reg_buf, mark, FALSE);
+
+ // Line may have been freed, get it again.
+ if (REG_MULTI)
+ {
+ rex.line = reg_getline(rex.lnum);
+ rex.input = rex.line + col;
+ }
+
if (pos == NULL // mark doesn't exist
|| pos->lnum <= 0) // mark isn't set in reg_buf
{
*** ../vim-8.2.4645/src/testdir/test_regexp_latin.vim 2022-03-22 21:14:51.752456009 +0000
--- src/testdir/test_regexp_latin.vim 2022-03-29 13:23:28.496028107 +0100
***************
*** 1042,1051 ****
--- 1042,1058 ----

func Test_using_mark_position()
" this was using freed memory
+ " new engine
new
norm O0
call assert_fails("s/\\%')", 'E486:')
bwipe!
+
+ " old engine
+ new
+ norm O0
+ call assert_fails("s/\\%#=1\\%')", 'E486:')
+ bwipe!
endfunc

func Test_using_visual_position()
*** ../vim-8.2.4645/src/version.c 2022-03-29 11:56:57.557660671 +0100
--- src/version.c 2022-03-29 13:24:30.787987279 +0100
***************
*** 752,753 ****
--- 752,755 ----
{ /* Add new patch number below this line */
+ /**/
+ 4646,
/**/

--
[SIR LAUNCELOT runs back up the stairs, grabs a rope
of the wall and swings out over the heads of the CROWD in a
swashbuckling manner towards a large window. He stops just short
of the window and is left swing pathetically back and forth.]
LAUNCELOT: Excuse me ... could somebody give me a push ...
"Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD

/// Bram Moolenaar -- Br...@Moolenaar.net -- http://www.Moolenaar.net \\\
/// \\\
\\\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///

Reply all

Reply to author

Forward

0 new messages