Permalink
Browse files

patch 8.0.0079

Problem:    Accessing freed memory in quickfix. (Domenique Pelle)
Solution:   Do not free the current list when adding to it.
  • Loading branch information...
1 parent 63bed3d commit 2b946c9f9b0e0fd805fb8f3e4c16e0a68ae13129 @brammool brammool committed Nov 12, 2016
Showing with 142 additions and 124 deletions.
  1. +9 −4 src/quickfix.c
  2. +131 −120 src/testdir/test_quickfix.vim
  3. +2 −0 src/version.c
View
@@ -1112,6 +1112,7 @@ qf_init_ext(
qffields_T fields = {NULL, NULL, 0, 0L, 0, FALSE, NULL, 0, 0, 0};
#ifdef FEAT_WINDOWS
qfline_T *old_last = NULL;
+ int adding = FALSE;
#endif
static efm_T *fmt_first = NULL;
char_u *efm;
@@ -1140,6 +1141,7 @@ qf_init_ext(
else if (qi->qf_lists[qi->qf_curlist].qf_count > 0)
{
/* Adding to existing list, use last entry. */
+ adding = TRUE;
old_last = qi->qf_lists[qi->qf_curlist].qf_last;
}
#endif
@@ -1266,10 +1268,13 @@ qf_init_ext(
}
EMSG(_(e_readerrf));
error2:
- qf_free(qi, qi->qf_curlist);
- qi->qf_listcount--;
- if (qi->qf_curlist > 0)
- --qi->qf_curlist;
+ if (!adding)
+ {
+ qf_free(qi, qi->qf_curlist);
+ qi->qf_listcount--;
+ if (qi->qf_curlist > 0)
+ --qi->qf_curlist;
+ }
qf_init_end:
if (state.fd != NULL)
fclose(state.fd);
Oops, something went wrong.

0 comments on commit 2b946c9

Please sign in to comment.