aniani/vim
0
0
Fork 1
mirror of https://github.com/vim/vim.git synced 2025-09-23 03:43:49 -04:00
Code Activity

patch 9.0.0487: using freed memory with combination of closures

Browse Source 
Problem:    Using freed memory with combination of closures.
Solution:   Do not use a partial after it has been freed through the
            funcstack.
This commit is contained in:
Bram Moolenaar
2022-09-17 16:27:39 +01:00
parent d5bc762dea
commit acd6b9976b
4 changed files with 31 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/eval.c
View File

@@ -4876,6 +4876,8 @@ partial_unref(partial_T *pt)
{
if (pt != NULL)
{
int done = FALSE;
if (--pt->pt_refcount <= 0)
partial_free(pt);
@@ -4883,9 +4885,12 @@ partial_unref(partial_T *pt)
// only reference and can be freed if no other partials reference it.
else if (pt->pt_refcount == 1)
{
// careful: if the funcstack is freed it may contain this partial
// and it gets freed as well
if (pt->pt_funcstack != NULL)
funcstack_check_refcount(pt->pt_funcstack);
if (pt->pt_loopvars != NULL)
done = funcstack_check_refcount(pt->pt_funcstack);
if (!done && pt->pt_loopvars != NULL)
loopvars_check_refcount(pt->pt_loopvars);
}
}