Patch 8.2.1086
Problem: Possibly using freed memory when text properties used when
changing indent of a line.
Solution: Compute the offset before calling ml_replace().
Files: src/indent.c
*** ../vim-8.2.1085/src/indent.c 2020-04-30 22:29:36.626024141 +0200
--- src/indent.c 2020-06-29 20:38:37.383197698 +0200
***************
*** 757,762 ****
--- 757,766 ----
// Replace the line (unless undo fails).
if (!(flags & SIN_UNDO) || u_savesub(curwin->w_cursor.lnum) == OK)
{
+ colnr_T old_offset = (colnr_T)(p - oldline);
+ colnr_T new_offset = (colnr_T)(s - newline);
+
+ // this may free "newline"
ml_replace(curwin->w_cursor.lnum, newline, FALSE);
if (flags & SIN_CHANGED)
changed_bytes(curwin->w_cursor.lnum, 0);
***************
*** 764,787 ****
// Correct saved cursor position if it is in this line.
if (saved_cursor.lnum == curwin->w_cursor.lnum)
{
! if (saved_cursor.col >= (colnr_T)(p - oldline))
// cursor was after the indent, adjust for the number of
// bytes added/removed
! saved_cursor.col += ind_len - (colnr_T)(p - oldline);
! else if (saved_cursor.col >= (colnr_T)(s - newline))
// cursor was in the indent, and is now after it, put it back
// at the start of the indent (replacing spaces with TAB)
! saved_cursor.col = (colnr_T)(s - newline);
}
#ifdef FEAT_PROP_POPUP
{
! int added = ind_len - (colnr_T)(p - oldline);
// When increasing indent this behaves like spaces were inserted at
// the old indent, when decreasing indent it behaves like spaces
// were deleted at the new indent.
adjust_prop_columns(curwin->w_cursor.lnum,
! (colnr_T)(added > 0 ? (p - oldline) : ind_len), added, 0);
}
#endif
retval = TRUE;
--- 768,791 ----
// Correct saved cursor position if it is in this line.
if (saved_cursor.lnum == curwin->w_cursor.lnum)
{
! if (saved_cursor.col >= old_offset)
// cursor was after the indent, adjust for the number of
// bytes added/removed
! saved_cursor.col += ind_len - old_offset;
! else if (saved_cursor.col >= new_offset)
// cursor was in the indent, and is now after it, put it back
// at the start of the indent (replacing spaces with TAB)
! saved_cursor.col = new_offset;
}
#ifdef FEAT_PROP_POPUP
{
! int added = ind_len - old_offset;
// When increasing indent this behaves like spaces were inserted at
// the old indent, when decreasing indent it behaves like spaces
// were deleted at the new indent.
adjust_prop_columns(curwin->w_cursor.lnum,
! added > 0 ? old_offset : (colnr_T)ind_len, added, 0);
}
#endif
retval = TRUE;
*** ../vim-8.2.1085/src/version.c 2020-06-29 20:23:29.374981834 +0200
--- src/version.c 2020-06-29 20:39:45.515011614 +0200
***************
*** 756,757 ****
--- 756,759 ----
{ /* Add new patch number below this line */
+ /**/
+ 1086,
/**/
--
God made machine language; all the rest is the work of man.
/// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/vim_dev/202006291841.05TIf4uA679714%40masaka.moolenaar.net.
