# HG changeset patch
# User Bram Moolenaar <Bram@vim.org>
# Date 1586792703 -7200
# Node ID 6486f456b06a7230c1773d86287a59208067051f
# Parent  dd4098fd958cd27eb7dc26f5bb9edd0ca8d38b46
patch 8.2.0571: double free when passing invalid argument to job_start()

Commit: https://github.com/vim/vim/commit/0015795baafaf7983875f979f92339375fe5d8e2
Author: Bram Moolenaar <Bram@vim.org>
Date:   Mon Apr 13 17:44:47 2020 +0200

    patch 8.2.0571: double free when passing invalid argument to job_start()

    Problem:    Double free when passing invalid argument to job_start().
    Solution:   Clear the argument when freed. (Masato Nishihata, closes https://github.com/vim/vim/issues/5926)

diff --git a/src/misc2.c b/src/misc2.c
--- a/src/misc2.c
+++ b/src/misc2.c
@@ -4356,7 +4356,10 @@ build_argv_from_list(list_T *l, char ***
 	    int i;
 
 	    for (i = 0; i < *argc; ++i)
+	    {
 		vim_free((*argv)[i]);
+		(*argv)[i] = NULL;
+	    }
 	    return FAIL;
 	}
 	(*argv)[*argc] = (char *)vim_strsave(s);
diff --git a/src/testdir/test_channel.vim b/src/testdir/test_channel.vim
--- a/src/testdir/test_channel.vim
+++ b/src/testdir/test_channel.vim
@@ -1681,6 +1681,7 @@ func Test_job_start_fails()
   call assert_fails('let job = job_start(["   "])', 'E474:')
   call assert_fails('let job = job_start("")', 'E474:')
   call assert_fails('let job = job_start("   ")', 'E474:')
+  call assert_fails('let job = job_start(["ls", []])', 'E730:')
   %bw!
 endfunc
 
diff --git a/src/version.c b/src/version.c
--- a/src/version.c
+++ b/src/version.c
@@ -739,6 +739,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    571,
+/**/
     570,
 /**/
     569,