kevin/neovim
1
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2024-12-20 03:05:11 -07:00
Code Issues Packages Projects Releases Wiki Activity

vim-patch:9.1.0115: Using freed memory with full tag stack and user data (#27525)

Browse Source 
Problem:  Using freed memory with full tag stack and user data
          (Konstantin Khlebnikov)
Solution: Clear the user data pointer of the newest entry.
          (zeertzjq, Konstantin Khlebnikov)

fixes: neovim/neovim#27498
closes: vim/vim#14053

c86bff1771

Cherry-pick Test_tag_stack() changes from patch 9.0.0767.

Co-authored-by: Konstantin Khlebnikov <koct9i@gmail.com>
This commit is contained in:
zeertzjq 2024-02-19 06:53:13 +08:00 committed by GitHub
parent 1c520053a9
commit 8f1f2a1d9f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 27 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/nvim/tag.c
View File

@ -388,7 +388,7 @@ void do_tag(char *tag, int type, int count, int forceit, bool verbose)
for (int i = 1; i < tagstacklen; i++) {
tagstack[i - 1] = tagstack[i];
}
tagstackidx--;
tagstack[--tagstackidx].user_data = NULL;
}
// put the tag name in the tag stack

41
test/old/testdir/test_tagjump.vim
View File

@ -907,14 +907,14 @@ func Test_tag_last_search_pat()
\ "first\tXfoo\t/^int first() {}/",
\ "second\tXfoo\t/^int second() {}/",
\ "third\tXfoo\t/^int third() {}/"],
\ 'Xtags')
\ 'Xtags', 'D')
set tags=Xtags
let code =<< trim [CODE]
int first() {}
int second() {}
int third() {}
[CODE]
call writefile(code, 'Xfoo')
call writefile(code, 'Xfoo', 'D')
enew
let save_cpo = &cpo
@ -924,8 +924,6 @@ func Test_tag_last_search_pat()
call assert_equal('^int second() {}', @/)
let &cpo = save_cpo
call delete('Xtags')
call delete('Xfoo')
set tags&
%bwipe
endfunc
@ -936,27 +934,42 @@ func Test_tag_stack()
for i in range(10, 31)
let l += ["var" .. i .. "\tXfoo\t/^int var" .. i .. ";$/"]
endfor
call writefile(l, 'Xtags')
call writefile(l, 'Xtags', 'D')
set tags=Xtags
let l = []
for i in range(10, 31)
let l += ["int var" .. i .. ";"]
endfor
call writefile(l, 'Xfoo')
call writefile(l, 'Xfoo', 'D')
" Jump to a tag when the tag stack is full. Oldest entry should be removed.
enew
" Jump to a tag when the tag stack is full. Oldest entry should be removed.
for i in range(10, 30)
exe "tag var" .. i
endfor
let l = gettagstack()
call assert_equal(20, l.length)
call assert_equal('var11', l.items[0].tagname)
let t = gettagstack()
call assert_equal(20, t.length)
call assert_equal('var11', t.items[0].tagname)
let full = deepcopy(t.items)
tag var31
let l = gettagstack()
call assert_equal('var12', l.items[0].tagname)
call assert_equal('var31', l.items[19].tagname)
let t = gettagstack()
call assert_equal('var12', t.items[0].tagname)
call assert_equal('var31', t.items[19].tagname)
" Jump to a tag when the tag stack is full, but with user data this time.
call foreach(full, {i, item -> extend(item, {'user_data': $'udata{i}'})})
call settagstack(0, {'items': full})
let t = gettagstack()
call assert_equal(20, t.length)
call assert_equal('var11', t.items[0].tagname)
call assert_equal('udata0', t.items[0].user_data)
tag var31
let t = gettagstack()
call assert_equal('var12', t.items[0].tagname)
call assert_equal('udata1', t.items[0].user_data)
call assert_equal('var31', t.items[19].tagname)
call assert_false(has_key(t.items[19], 'user_data'))
" Use tnext with a single match
call assert_fails('tnext', 'E427:')
@ -988,8 +1001,6 @@ func Test_tag_stack()
call settagstack(1, {'items' : []})
call assert_fails('pop', 'E73:')
call delete('Xtags')
call delete('Xfoo')
set tags&
%bwipe
endfunc