Mercurial > vim

diff src/evalvars.c @ 26482:b115b552071f v8.2.3771

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 8.2.3771: Vim9: accessing freed memory when checking type Commit: https://github.com/vim/vim/commit/dd297bc11d2793ba61638972778c57f2da14e8b5 Author: Bram Moolenaar <Bram@vim.org> Date: Fri Dec 10 10:37:38 2021 +0000 patch 8.2.3771: Vim9: accessing freed memory when checking type Problem: Vim9: accessing freed memory when checking type. Solution: Make a copy of a function type.
author Bram Moolenaar <Bram@vim.org>
date Fri, 10 Dec 2021 11:45:03 +0100
parents aea4d5e1e9d5
children 7821550ba3a8
line wrap: on
line diff
--- a/src/evalvars.c
+++ b/src/evalvars.c
@@ -3291,6 +3291,7 @@ set_var_const(
     int		vim9script = in_vim9script();
     int		var_in_vim9script;
     int		flags = flags_arg;
+    int		free_tv_arg = !copy;  // free tv_arg if not used
 
     ht = find_var_ht(name, &varname);
     if (ht == NULL || *varname == NUL)
@@ -3545,6 +3546,7 @@ set_var_const(
 	dest_tv->v_lock = 0;
 	init_tv(tv);
     }
+    free_tv_arg = FALSE;
 
     if (vim9script && type != NULL)
     {
@@ -3573,10 +3575,9 @@ set_var_const(
 	// if the reference count is up to one.  That locks only literal
 	// values.
 	item_lock(dest_tv, DICT_MAXNEST, TRUE, TRUE);
-    return;
 
 failed:
-    if (!copy)
+    if (free_tv_arg)
 	clear_tv(tv_arg);
 }