comparison src/version.c @ 34627:5071d4c3ff2e v9.1.0202

patch 9.1.0202: leaking memory in add_user() on failure Commit: https://github.com/vim/vim/commit/7a2f217988afa1c35b9c093a9d3477198ea250b9 Author: Christian Brabandt <cb@256bit.org> Date: Sun Mar 24 09:50:03 2024 +0100 patch 9.1.0202: leaking memory in add_user() on failure Problem: leaking memory in add_user() (LuMingYinDetect) Solution: free user_copy pointer instead of the user ptr add_user() is called with a user pointer and the user pointer comes from these functions: - return value from the getpwent() function (Unix). - return value from the getpwnam() function (Unix). - return value from the NetUserEnum() function (MS Windows). For the first 2 callers, the man page for those functions directly says, one should not free the returned pointer (since it comes from static memory). For the third caller (on MS Windows), the returned buffer is already freed directly after calling the add_user() function in NetApiBufferFree(), so this would lead to a double free(). This all indicates, the user ptr is wrongly freed in the add_user() function and the intention was to free the user_copy pointer instead in case of an error. So let's just use that now. fixes: #14250 closes: #14260 Signed-off-by: Christian Brabandt <cb@256bit.org>
author Christian Brabandt <cb@256bit.org>
date Sun, 24 Mar 2024 10:00:09 +0100
parents ad1b0609b2f8
children 45d13860879a
comparison
equal deleted inserted replaced
34626:32d243b3ff9e 34627:5071d4c3ff2e
702 NULL 702 NULL
703 }; 703 };
704 704
705 static int included_patches[] = 705 static int included_patches[] =
706 { /* Add new patch number below this line */ 706 { /* Add new patch number below this line */
707 /**/
708 202,
707 /**/ 709 /**/
708 201, 710 201,
709 /**/ 711 /**/
710 200, 712 200,
711 /**/ 713 /**/