Patch 8.2.4646
Problem: Using buffer line after it has been freed in old regexp engine.
Solution: After getting mark get the line again.
Files: src/regexp_bt.c, src/testdir/test_regexp_latin.vim
*** ../vim-8.2.4645/src/regexp_bt.c 2022-02-22 13:37:26.339255247 +0000
--- src/regexp_bt.c 2022-03-29 13:23:59.104008292 +0100
***************
*** 3360,3367 ****
--- 3360,3376 ----
int mark = OPERAND(scan)[0];
int cmp = OPERAND(scan)[1];
pos_T *pos;
+ size_t col = REG_MULTI ? rex.input - rex.line : 0;
pos = getmark_buf(rex.reg_buf, mark, FALSE);
+
+ // Line may have been freed, get it again.
+ if (REG_MULTI)
+ {
+ rex.line = reg_getline(rex.lnum);
+ rex.input = rex.line + col;
+ }
+
if (pos == NULL // mark doesn't exist
|| pos->lnum <= 0) // mark isn't set in reg_buf
{
*** ../vim-8.2.4645/src/testdir/test_regexp_latin.vim 2022-03-22
21:14:51.752456009 +0000
--- src/testdir/test_regexp_latin.vim 2022-03-29 13:23:28.496028107 +0100
***************
*** 1042,1051 ****
--- 1042,1058 ----
func Test_using_mark_position()
" this was using freed memory
+ " new engine
new
norm O0
call assert_fails("s/\\%')", 'E486:')
bwipe!
+
+ " old engine
+ new
+ norm O0
+ call assert_fails("s/\\%#=1\\%')", 'E486:')
+ bwipe!
endfunc
func Test_using_visual_position()
*** ../vim-8.2.4645/src/version.c 2022-03-29 11:56:57.557660671 +0100
--- src/version.c 2022-03-29 13:24:30.787987279 +0100
***************
*** 752,753 ****
--- 752,755 ----
{ /* Add new patch number below this line */
+ /**/
+ 4646,
/**/
--
[SIR LAUNCELOT runs back up the stairs, grabs a rope
of the wall and swings out over the heads of the CROWD in a
swashbuckling manner towards a large window. He stops just short
of the window and is left swing pathetically back and forth.]
LAUNCELOT: Excuse me ... could somebody give me a push ...
"Monty Python and the Holy Grail" PYTHON (MONTY) PICTURES LTD
/// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\
/// \\\
\\\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///
--
--
You received this message from the "vim_dev" maillist.
Do not top-post! Type your reply below the text you are replying to.
For more information, visit http://www.vim.org/maillist.php
---
You received this message because you are subscribed to the Google Groups
"vim_dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/vim_dev/20220329122541.781171C0C1F%40moolenaar.net.
