IntenseFinance/neovim
3
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2025-02-25 18:55:25 -06:00
Code Issues Packages Projects Releases Wiki Activity

vim-patch:8.1.1485: double free when garbage_collect() is used in autocommand

Browse Source 
Problem:    Double free when garbage_collect() is used in autocommand.
Solution:   Have garbage collection also set the copyID in funccal_stack.
c07f67ad0e
This commit is contained in:
erw7 2019-09-06 12:38:52 +09:00
parent 0cab85df4d
commit c3dab08c8f
2 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/nvim/eval.c
View File

@ -439,12 +439,11 @@ void eval_clear(void)
xfree(SCRIPT_SV(i)); xfree(SCRIPT_SV(i));
ga_clear(&ga_scripts); ga_clear(&ga_scripts);
// functions need to be freed before gargabe collecting, otherwise local
// variables might be freed twice.
free_all_functions();
// unreferenced lists and dicts // unreferenced lists and dicts
(void)garbage_collect(false); (void)garbage_collect(false);
// functions not garbage collected
free_all_functions();
} }
#endif #endif

13
src/nvim/eval/userfunc.c
View File

@ -3356,9 +3356,18 @@ bool set_ref_in_call_stack(int copyID)
bool abort = false; bool abort = false;
for (funccall_T *fc = current_funccal; fc != NULL; fc = fc->caller) { for (funccall_T *fc = current_funccal; fc != NULL; fc = fc->caller) {
abort = abort || set_ref_in_ht(&fc->l_vars.dv_hashtab, copyID, NULL); abort = abort || set_ref_in_funccal(fc, copyID);
abort = abort || set_ref_in_ht(&fc->l_avars.dv_hashtab, copyID, NULL);
} }
// Also go through the funccal_stack.
for (funccal_entry_T *entry = funccal_stack; entry != NULL;
entry = entry->next) {
for (funccall_T *fc = entry->top_funccal; !abort && fc != NULL;
fc = fc->caller) {
abort = abort || set_ref_in_funccal(fc, copyID);
}
}
return abort; return abort;
} }