patch 9.0.2129: [security]: use-after-free in call_dfunc() Commit: https://github.com/vim/vim/commit/a555069b7d790abedc60edc505bd35bda257949d Author: mityu <mityu.mail@gmail.com> Date: Sat Nov 25 15:41:20 2023 +0100 patch 9.0.2129: [security]: use-after-free in call_dfunc() Problem: [security]: use-after-free in call_dfunc() Solution: Refresh dfunc pointer closes: #13571 This Commit fixes a SEGV caused by a use-after-free bug in call_dfunc(). When calling check_ufunc_arg_types() from the call_dfunc() it may cause def functions to be re-compiled and if there are too many def functions, the def_functions array will be re-allocated. Which means, that the dfunc pointer in call_dfunc() now starts pointing to freed memory. So we need to reset the dfunc pointer after calling check_ufunc_arg_types(). Let's also add a test, to ensure we do not regress. Signed-off-by: mityu <mityu.mail@gmail.com> Signed-off-by: Yegappan Lakshmanan <yegappan@yahoo.com> Signed-off-by: Christian Brabandt <cb@256bit.org>

README_bindos.txt for version 9.0 of Vim: Vi IMproved.

See "README.txt" for general information about Vim.
See "README_dos.txt" for installation instructions for MS-DOS and MS-Windows.
These files are in the runtime archive (vim90rt.zip).


There are several binary distributions of Vim for the PC.  You would normally
pick only one of them, but it's also possible to install several.
These ones are available (the version number may differ):
	vim90w32.zip	Windows 95/98/NT/etc. console version
	gvim90.zip	Windows 95/98/NT/etc. GUI version
	gvim90ole.zip	Windows 95/98/NT/etc. GUI version with OLE

You MUST also get the runtime archive (vim90rt.zip).
The sources are also available (vim90src.zip).