Mercurial > vim

diff src/vim9execute.c @ 26747:a8a4e1e7b111 v8.2.3902

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 8.2.3902: Vim9: double free with nested :def function Commit: https://github.com/vim/vim/commit/9c23f9bb5fe435b28245ba8ac65aa0ca6b902c04 Author: Bram Moolenaar <Bram@vim.org> Date: Sun Dec 26 14:23:22 2021 +0000 patch 8.2.3902: Vim9: double free with nested :def function Problem: Vim9: double free with nested :def function. Solution: Pass "line_to_free" from compile_def_function() and make sure cmdlinep is valid.
author Bram Moolenaar <Bram@vim.org>
date Sun, 26 Dec 2021 15:30:02 +0100
parents b969fdb8cd46
children fc859aea8cec
line wrap: on
line diff
--- a/src/vim9execute.c
+++ b/src/vim9execute.c
@@ -3345,10 +3345,12 @@ exec_instructions(ectx_T *ectx)
 		else
 		{
 		    exarg_T ea;
+		    char_u  *line_to_free = NULL;
 
 		    CLEAR_FIELD(ea);
 		    ea.cmd = ea.arg = iptr->isn_arg.string;
-		    define_function(&ea, NULL);
+		    define_function(&ea, NULL, &line_to_free);
+		    vim_free(line_to_free);
 		}
 		break;