vim: src/userfunc.c comparison

comparison src/userfunc.c @ 29771:c71a42be2d7f v9.0.0225

patch 9.0.0225: using freed memory with multiple line breaks in expression Commit: https://github.com/vim/vim/commit/91c7cbfe31bbef57d5fcf7d76989fc159f73ef15 Author: Bram Moolenaar <Bram@vim.org> Date: Thu Aug 18 13:28:31 2022 +0100 patch 9.0.0225: using freed memory with multiple line breaks in expression Problem: Using freed memory with multiple line breaks in expression. Solution: Free eval_tofree later.

author	Bram Moolenaar <Bram@vim.org>
date	Thu, 18 Aug 2022 14:30:05 +0200
parents	d19adfd545e2
children	cd573d7bc30d

comparison

equal deleted inserted replaced

-:653c04c1dcf1
+:c71a42be2d7f
 int		ret;
 char_u	*s;
 char_u	*start, *end;
 int		*old_eval_lavars = eval_lavars_used;
 int		eval_lavars = FALSE;
-char_u	*tofree1 = NULL;
 char_u	*tofree2 = NULL;
 int		equal_arrow = **arg == '(';
 int		white_error = FALSE;
 int		called_emsg_start = called_emsg;
 int		vim9script = in_vim9script();
 // Get the start and the end of the expression.
 start = *arg;
 ret = skip_expr_concatenate(arg, &start, &end, evalarg);
 if (ret == FAIL)
 	goto errret;
-if (evalarg != NULL)
-{
-	// avoid that the expression gets freed when another line break follows
-	tofree1 = evalarg->eval_tofree;
-	evalarg->eval_tofree = NULL;
-}
 if (!equal_arrow)
 {
 	*arg = skipwhite_and_linebreak(*arg, evalarg);
 	if (**arg != '}')
 	hash_add(&func_hashtab, UF2HIKEY(fp));
 }
 theend:
 eval_lavars_used = old_eval_lavars;
-if (evalarg != NULL && evalarg->eval_tofree == NULL)
-	evalarg->eval_tofree = tofree1;
-else
-	vim_free(tofree1);
 vim_free(tofree2);
 if (types_optional)
 	ga_clear_strings(&argtypes);
 return OK;
 	if (fp != NULL)
 	    vim_free(fp->uf_arg_types);
 }
 vim_free(fp);
 vim_free(pt);
-if (evalarg != NULL && evalarg->eval_tofree == NULL)
-	evalarg->eval_tofree = tofree1;
-else
-	vim_free(tofree1);
 vim_free(tofree2);
 eval_lavars_used = old_eval_lavars;
 return FAIL;
 }

Mercurial > vim

comparison src/userfunc.c @ 29771:c71a42be2d7f v9.0.0225