diff src/cmdexpand.c @ 34627:5071d4c3ff2e v9.1.0202

patch 9.1.0202: leaking memory in add_user() on failure Commit: https://github.com/vim/vim/commit/7a2f217988afa1c35b9c093a9d3477198ea250b9 Author: Christian Brabandt <cb@256bit.org> Date: Sun Mar 24 09:50:03 2024 +0100 patch 9.1.0202: leaking memory in add_user() on failure Problem: leaking memory in add_user() (LuMingYinDetect) Solution: free user_copy pointer instead of the user ptr add_user() is called with a user pointer and the user pointer comes from these functions: - return value from the getpwent() function (Unix). - return value from the getpwnam() function (Unix). - return value from the NetUserEnum() function (MS Windows). For the first 2 callers, the man page for those functions directly says, one should not free the returned pointer (since it comes from static memory). For the third caller (on MS Windows), the returned buffer is already freed directly after calling the add_user() function in NetApiBufferFree(), so this would lead to a double free(). This all indicates, the user ptr is wrongly freed in the add_user() function and the intention was to free the user_copy pointer instead in case of an error. So let's just use that now. fixes: #14250 closes: #14260 Signed-off-by: Christian Brabandt <cb@256bit.org>
author Christian Brabandt <cb@256bit.org>
date Sun, 24 Mar 2024 10:00:09 +0100
parents a197265a2e07
children 17c21bb47bfd
line wrap: on
line diff