In grid_duplicate_lines, if the line is empty (cellsize == 0) then clear

the destination celldata pointer rather than leaving a stale copy of the
source pointer (which may later be freed). Fixes a crash found by
Kuang-che Wu.
nicm committed Aug 24, 2015
1 parent 58b659a commit 3219e0314e3d1d39a57db330faa5693ce0264244
Showing with 2 additions and 1 deletion.
  1. +2 −1 grid.c
3 grid.c
@@ -652,7 +652,8 @@ grid_duplicate_lines(struct grid *dst, u_int dy, struct grid *src, u_int sy,
srcl->cellsize, sizeof *dstl->celldata);
memcpy(dstl->celldata, srcl->celldata,
srcl->cellsize * sizeof *dstl->celldata);
} else
dstl->celldata = NULL;


