# HG changeset patch
# User Bram Moolenaar <Bram@vim.org>
# Date 1565649005 -7200
# Node ID 1e3ff1eae4c3aa53d5630563d8dfdab7bc0f0c43
# Parent  ebdea289ed6a2287176c2c980b881db2ef447142
patch 8.1.1843: might be freeing memory that was not allocated

commit https://github.com/vim/vim/commit/f077db24230d10ef9a66ae14da34b639464d8fa2
Author: Bram Moolenaar <Bram@vim.org>
Date:   Tue Aug 13 00:18:24 2019 +0200

    patch 8.1.1843: might be freeing memory that was not allocated

    Problem:    Might be freeing memory that was not allocated.
    Solution:   Have next_fenc() set the fenc_alloced flag. (closes https://github.com/vim/vim/issues/4804)

diff --git a/src/fileio.c b/src/fileio.c
--- a/src/fileio.c
+++ b/src/fileio.c
@@ -27,7 +27,7 @@
 /* Is there any system that doesn't have access()? */
 #define USE_MCH_ACCESS
 
-static char_u *next_fenc(char_u **pp);
+static char_u *next_fenc(char_u **pp, int *alloced);
 #ifdef FEAT_EVAL
 static char_u *readfile_charconvert(char_u *fname, char_u *fenc, int *fdp);
 #endif
@@ -890,8 +890,7 @@ readfile(
     else
     {
 	fenc_next = p_fencs;		/* try items in 'fileencodings' */
-	fenc = next_fenc(&fenc_next);
-	fenc_alloced = TRUE;
+	fenc = next_fenc(&fenc_next, &fenc_alloced);
     }
 
     /*
@@ -994,8 +993,7 @@ retry:
 		vim_free(fenc);
 	    if (fenc_next != NULL)
 	    {
-		fenc = next_fenc(&fenc_next);
-		fenc_alloced = (fenc_next != NULL);
+		fenc = next_fenc(&fenc_next, &fenc_alloced);
 	    }
 	    else
 	    {
@@ -2761,14 +2759,16 @@ set_forced_fenc(exarg_T *eap)
  * "pp" points to fenc_next.  It's advanced to the next item.
  * When there are no more items, an empty string is returned and *pp is set to
  * NULL.
- * When *pp is not set to NULL, the result is in allocated memory.
+ * When *pp is not set to NULL, the result is in allocated memory and "alloced"
+ * is set to TRUE.
  */
     static char_u *
-next_fenc(char_u **pp)
+next_fenc(char_u **pp, int *alloced)
 {
     char_u	*p;
     char_u	*r;
 
+    *alloced = FALSE;
     if (**pp == NUL)
     {
 	*pp = NULL;
@@ -2791,8 +2791,11 @@ next_fenc(char_u **pp)
 	    r = p;
 	}
     }
-    if (r == NULL)	/* out of memory */
-    {
+    if (r != NULL)
+	*alloced = TRUE;
+    else
+    {
+	// out of memory
 	r = (char_u *)"";
 	*pp = NULL;
     }
diff --git a/src/version.c b/src/version.c
--- a/src/version.c
+++ b/src/version.c
@@ -770,6 +770,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    1843,
+/**/
     1842,
 /**/
     1841,