diff src/eval.c @ 33167:13258b342d38 v9.0.1865

patch 9.0.1865: Vim9: garbage collection may cause crash Commit: https://github.com/vim/vim/commit/544be0d893e68c494aed09232d5bee4ca8b74619 Author: Yegappan Lakshmanan <yegappan@yahoo.com> Date: Mon Sep 4 22:14:28 2023 +0200 patch 9.0.1865: Vim9: garbage collection may cause crash Problem: Vim9: garbage collection may cause crash Solution: validate that class members typeval is not null closes: #13028 Signed-off-by: Christian Brabandt <cb@256bit.org> Co-authored-by: Yegappan Lakshmanan <yegappan@yahoo.com>
author Christian Brabandt <cb@256bit.org>
date Mon, 04 Sep 2023 22:30:03 +0200
parents 4ecf54d709b3
children 9efd99a717c1
--- a/src/eval.c
+++ b/src/eval.c
@@ -5725,10 +5725,15 @@ set_ref_in_item_class(
 	return FALSE;
 
     cl->class_copyID = copyID;
-    for (int i = 0; !abort && i < cl->class_class_member_count; ++i)
-	abort = abort || set_ref_in_item(
-		&cl->class_members_tv[i],
-		copyID, ht_stack, list_stack);
+    if (cl->class_members_tv != NULL)
+    {
+	// The "class_members_tv" table is allocated only for regular classes
+	// and not for interfaces.
+	for (int i = 0; !abort && i < cl->class_class_member_count; ++i)
+	    abort = abort || set_ref_in_item(
+		    &cl->class_members_tv[i],
+		    copyID, ht_stack, list_stack);
+    }
 
     for (int i = 0; !abort && i < cl->class_class_function_count; ++i)
 	abort = abort || set_ref_in_func(NULL,
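Review bot: The new guard on `cl->class_members_tv` covers only this one walk in set_ref_in_item_class(), while the `class_class_functions` loop at the end of the hunk is still bounded by its count alone, with no check that the table exists. The added comment suggests that an interface can have a non-zero `class_class_member_count` with no table allocated; if that reading is right, any other code that indexes `class_members_tv` by that count has the same NULL dereference, so it is worth confirming where else the pair is used. I would state the invariant in the comment, for example `// Interfaces may have a non-zero "class_class_member_count" with "class_members_tv" == NULL, so the count alone must not bound this loop.` A regression test that defines an interface with a member and then forces a garbage collection would pin the crash down. The function body starts before and continues after this hunk, so the later loops could not be checked here.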