zoriya/vim
1
0
Fork 0
mirror of https://github.com/zoriya/vim.git synced 2025-12-19 05:35:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

patch 8.0.0365: might free a dict item that wasn't allocated

Browse Source 
Problem:    Might free a dict item that wasn't allocated.
Solution:   Call dictitem_free(). (Nikolai Pavlov)  Use this for
            b:changedtick.
This commit is contained in:
Bram Moolenaar
2017-02-25 14:59:34 +01:00
parent d3f78dc9eb
commit 95c526e1f6
12 changed files with 40 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
src/buffer.c
View File

@@ -832,7 +832,6 @@ free_buffer(buf_T *buf)
free_buffer_stuff(buf, TRUE);
#ifdef FEAT_EVAL
unref_var_dict(buf->b_vars);
buf->b_changedtick = &buf->b_ct_val;
#endif
#ifdef FEAT_LUA
lua_buffer_free(buf);
@@ -874,31 +873,20 @@ free_buffer(buf_T *buf)
}
/*
* Initializes buf->b_changedtick.
* Initializes b:changedtick.
*/
static void
init_changedtick(buf_T *buf)
{
#ifdef FEAT_EVAL
dictitem_T *di = dictitem_alloc((char_u *)"changedtick");
dictitem_T *di = (dictitem_T *)&buf->b_ct_di;
if (di != NULL)
{
di->di_flags |= DI_FLAGS_FIX | DI_FLAGS_RO;
di->di_flags = DI_FLAGS_FIX | DI_FLAGS_RO;
di->di_tv.v_type = VAR_NUMBER;
di->di_tv.v_lock = VAR_FIXED;
di->di_tv.vval.v_number = 0;
if (dict_add(buf->b_vars, di) == OK)
buf->b_changedtick = &di->di_tv.vval.v_number;
else
{
vim_free(di);
buf->b_changedtick = &buf->b_ct_val;
}
}
else
#endif
buf->b_changedtick = &buf->b_ct_val;
STRCPY(buf->b_ct_di.di_key, "changedtick");
(void)dict_add(buf->b_vars, di);
}
/*
@@ -919,12 +907,12 @@ free_buffer_stuff(
}
#ifdef FEAT_EVAL
{
varnumber_T tick = *buf->b_changedtick;
varnumber_T tick = CHANGEDTICK(buf);
vars_clear(&buf->b_vars->dv_hashtab); /* free all buffer variables */
hash_init(&buf->b_vars->dv_hashtab);
init_changedtick(buf);
*buf->b_changedtick = tick;
CHANGEDTICK(buf) = tick;
}
#endif
#ifdef FEAT_USR_CMDS

3
src/dict.c
View File

@@ -88,8 +88,7 @@ dict_free_contents(dict_T *d)
* something recursive causing trouble. */
di = HI2DI(hi);
hash_remove(&d->dv_hashtab, hi);
clear_tv(&di->di_tv);
vim_free(di);
dictitem_free(di);
--todo;
}
}

4
src/edit.c
View File

@@ -1668,7 +1668,7 @@ ins_redraw(
#ifdef FEAT_AUTOCMD
/* Trigger TextChangedI if b_changedtick differs. */
if (ready && has_textchangedI()
&& last_changedtick != *curbuf->b_changedtick
&& last_changedtick != CHANGEDTICK(curbuf)
# ifdef FEAT_INS_EXPAND
&& !pum_visible()
# endif
@@ -1677,7 +1677,7 @@ ins_redraw(
if (last_changedtick_buf == curbuf)
apply_autocmds(EVENT_TEXTCHANGEDI, NULL, NULL, FALSE, curbuf);
last_changedtick_buf = curbuf;
last_changedtick = *curbuf->b_changedtick;
last_changedtick = CHANGEDTICK(curbuf);
}
#endif

6
src/evalfunc.c
View File

@@ -2550,7 +2550,7 @@ f_diff_hlID(typval_T *argvars UNUSED, typval_T *rettv UNUSED)
if (lnum < 0) /* ignore type error in {lnum} arg */
lnum = 0;
if (lnum != prev_lnum
|| changedtick != *curbuf->b_changedtick
|| changedtick != CHANGEDTICK(curbuf)
|| fnum != curbuf->b_fnum)
{
/* New line, buffer, change: need to get the values. */
@@ -2572,7 +2572,7 @@ f_diff_hlID(typval_T *argvars UNUSED, typval_T *rettv UNUSED)
else
hlID = (hlf_T)0;
prev_lnum = lnum;
changedtick = *curbuf->b_changedtick;
changedtick = CHANGEDTICK(curbuf);
fnum = curbuf->b_fnum;
}
@@ -3957,7 +3957,7 @@ get_buffer_info(buf_T *buf)
dict_add_nr_str(dict, "loaded", buf->b_ml.ml_mfp != NULL, NULL);
dict_add_nr_str(dict, "listed", buf->b_p_bl, NULL);
dict_add_nr_str(dict, "changed", bufIsChanged(buf), NULL);
dict_add_nr_str(dict, "changedtick", *buf->b_changedtick, NULL);
dict_add_nr_str(dict, "changedtick", CHANGEDTICK(buf), NULL);
dict_add_nr_str(dict, "hidden",
buf->b_ml.ml_mfp != NULL && buf->b_nwindows == 0,
NULL);

4
src/ex_docmd.c
View File

@@ -660,7 +660,7 @@ do_exmode(
need_wait_return = FALSE;
ex_pressedreturn = FALSE;
ex_no_reprint = FALSE;
changedtick = *curbuf->b_changedtick;
changedtick = CHANGEDTICK(curbuf);
prev_msg_row = msg_row;
prev_line = curwin->w_cursor.lnum;
if (improved)
@@ -673,7 +673,7 @@ do_exmode(
lines_left = Rows - 1;
if ((prev_line != curwin->w_cursor.lnum
|| changedtick != *curbuf->b_changedtick) && !ex_no_reprint)
|| changedtick != CHANGEDTICK(curbuf)) && !ex_no_reprint)
{
if (curbuf->b_ml.ml_flags & ML_EMPTY)
EMSG(_(e_emptybuf));

6
src/fileio.c
View File

@@ -4924,11 +4924,11 @@ restore_backup:
{
unchanged(buf, TRUE);
#ifdef FEAT_AUTOCMD
/* buf->b_changedtick is always incremented in unchanged() but that
/* b:changedtick is always incremented in unchanged() but that
* should not trigger a TextChanged event. */
if (last_changedtick + 1 == *buf->b_changedtick
if (last_changedtick + 1 == CHANGEDTICK(buf)
&& last_changedtick_buf == buf)
last_changedtick = *buf->b_changedtick;
last_changedtick = CHANGEDTICK(buf);
#endif
u_unchanged(buf);
u_update_save_nr(buf);

10
src/main.c
View File

@@ -1162,15 +1162,15 @@ main_loop(
#endif
#ifdef FEAT_AUTOCMD
/* Trigger TextChanged if b_changedtick differs. */
/* Trigger TextChanged if b:changedtick differs. */
if (!finish_op && has_textchanged()
&& last_changedtick != *curbuf->b_changedtick)
&& last_changedtick != CHANGEDTICK(curbuf))
{
if (last_changedtick_buf == curbuf)
apply_autocmds(EVENT_TEXTCHANGED, NULL, NULL,
FALSE, curbuf);
last_changedtick_buf = curbuf;
last_changedtick = *curbuf->b_changedtick;
last_changedtick = CHANGEDTICK(curbuf);
}
#endif
@@ -1388,11 +1388,11 @@ getout(int exitval)
/* Autocmd must have close the buffer already, skip. */
continue;
buf = wp->w_buffer;
if (buf->b_ct_val != -1)
if (CHANGEDTICK(buf) != -1)
{
apply_autocmds(EVENT_BUFWINLEAVE, buf->b_fname,
buf->b_fname, FALSE, buf);
buf->b_ct_val = -1; /* note that we did it already */
CHANGEDTICK(buf) = -1; /* note that we did it already */
/* start all over, autocommands may mess up the lists */
next_tp = first_tabpage;
break;

4
src/memline.c
View File

@@ -1649,7 +1649,7 @@ ml_recover(void)
if (!(curbuf->b_ml.ml_line_count == 2 && *ml_get(1) == NUL))
{
changed_int();
++*curbuf->b_changedtick;
++CHANGEDTICK(curbuf);
}
}
else
@@ -1663,7 +1663,7 @@ ml_recover(void)
if (i != 0)
{
changed_int();
++*curbuf->b_changedtick;
++CHANGEDTICK(curbuf);
break;
}
}

8
src/misc1.c
View File

@@ -502,11 +502,11 @@ get_breakindent_win(
/* used cached indent, unless pointer or 'tabstop' changed */
if (prev_line != line || prev_ts != wp->w_buffer->b_p_ts
|| prev_tick != *wp->w_buffer->b_changedtick)
|| prev_tick != CHANGEDTICK(wp->w_buffer))
{
prev_line = line;
prev_ts = wp->w_buffer->b_p_ts;
prev_tick = *wp->w_buffer->b_changedtick;
prev_tick = CHANGEDTICK(wp->w_buffer);
prev_indent = get_indent_str(line,
(int)wp->w_buffer->b_p_ts, wp->w_p_list);
}
@@ -2768,7 +2768,7 @@ changed(void)
}
changed_int();
}
++*curbuf->b_changedtick;
++CHANGEDTICK(curbuf);
}
/*
@@ -3195,7 +3195,7 @@ unchanged(
need_maketitle = TRUE; /* set window title later */
#endif
}
++*buf->b_changedtick;
++CHANGEDTICK(buf);
#ifdef FEAT_NETBEANS_INTG
netbeans_unmodified(buf);
#endif

5
src/structs.h
View File

@@ -1916,9 +1916,10 @@ struct file_buffer
int b_changed; /* 'modified': Set to TRUE if something in the
file has been changed and not written out. */
varnumber_T *b_changedtick; /* points into b:changedtick or b_ct_val;
dictitem16_T b_ct_di; /* holds the b:changedtick value in
b_ct_di.di_tv.vval.v_number;
incremented for each change, also for undo */
varnumber_T b_ct_val; /* fallback for b:changedtick */
#define CHANGEDTICK(buf) ((buf)->b_ct_di.di_tv.vval.v_number)
int b_saving; /* Set to TRUE if we are in the middle of
saving the buffer. */

4
src/syntax.c
View File

@@ -516,13 +516,13 @@ syntax_start(win_T *wp, linenr_T lnum)
*/
if (syn_block != wp->w_s
|| syn_buf != wp->w_buffer
|| changedtick != *syn_buf->b_changedtick)
|| changedtick != CHANGEDTICK(syn_buf))
{
invalidate_current_state();
syn_buf = wp->w_buffer;
syn_block = wp->w_s;
}
changedtick = *syn_buf->b_changedtick;
changedtick = CHANGEDTICK(syn_buf);
syn_win = wp;
/*

2
src/version.c
View File

@@ -764,6 +764,8 @@ static char *(features[]) =
static int included_patches[] =
{ /* Add new patch number below this line */
/**/
365,
/**/
364,
/**/