IntenseFinance/neovim
3
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2025-02-25 18:55:25 -06:00
Code Issues Packages Projects Releases Wiki Activity

vim-patch:9.1.0395: getregionpos() may leak memory on error

Browse Source 
Problem:  regionpos may leak memory on error, coverity
          complains about dereferencing Null pointer
Solution: free all list pointers (after v9.1.394),
          return early if buflist_findnr() returns NULL

closes: vim/vim#14731

b8ecedce79

Co-authored-by: Christian Brabandt <cb@256bit.org>
This commit is contained in:
zeertzjq 2024-05-20 06:44:19 +08:00
parent d89144626e
commit 3383603c13
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/nvim/eval/funcs.c
View File

@ -3008,6 +3008,11 @@ static void f_getregion(typval_T *argvars, typval_T *rettv, EvalFuncData fptr)
static void add_regionpos_range(typval_T *rettv, int bufnr, int lnum1, int col1, int coladd1,
int lnum2, int col2, int coladd2)
{
buf_T *findbuf = bufnr != 0 ? buflist_findnr(bufnr) : curbuf;
if (findbuf == NULL || findbuf->b_ml.ml_mfp == NULL) {
return;
}
list_T *l1 = tv_list_alloc(2);
tv_list_append_list(rettv->vval.v_list, l1);
@ -3017,8 +3022,6 @@ static void add_regionpos_range(typval_T *rettv, int bufnr, int lnum1, int col1,
list_T *l3 = tv_list_alloc(4);
tv_list_append_list(l1, l3);
buf_T *findbuf = bufnr != 0 ? buflist_findnr(bufnr) : curbuf;
int max_col1 = ml_get_buf_len(findbuf, lnum1);
tv_list_append_number(l2, bufnr);
tv_list_append_number(l2, lnum1);