From a6b05cb75d330dd995d3ad21ee08bb0a2cfcae74 Mon Sep 17 00:00:00 2001 From: zeertzjq Date: Tue, 13 Dec 2022 10:47:39 +0800 Subject: [PATCH] vim-patch:9.0.0530: using freed memory when autocmd changes mark (#21396) Problem: Using freed memory when autocmd changes mark. Solution: Copy the mark before editing another buffer. https://github.com/vim/vim/commit/8ecfa2c56b4992c7f067b92488aa9acea5a454ad Nvim already copies the mark. Co-authored-by: Bram Moolenaar --- src/nvim/mark.c | 2 ++ src/nvim/testdir/test_marks.vim | 13 +++++++++++++ 2 files changed, 15 insertions(+) diff --git a/src/nvim/mark.c b/src/nvim/mark.c index ad325ae057..c38aa834bf 100644 --- a/src/nvim/mark.c +++ b/src/nvim/mark.c @@ -551,6 +551,7 @@ MarkMoveRes mark_move_to(fmark_T *fm, MarkMove flags) // Need to change buffer fm_copy = *fm; // Copy, autocommand may change it fm = &fm_copy; + // Jump to the file with the mark res |= switch_to_mark_buf(fm, !(flags & kMarkJumpList)); // Failed switching buffer if (res & kMarkMoveFailed) { @@ -568,6 +569,7 @@ MarkMoveRes mark_move_to(fmark_T *fm, MarkMove flags) // Move the cursor while keeping track of what changed for the caller pos_T prev_pos = curwin->w_cursor; pos_T pos = fm->mark; + // Set lnum again, autocommands my have changed it curwin->w_cursor = fm->mark; if (flags & kMarkBeginLine) { beginline(BL_WHITE | BL_FIX); diff --git a/src/nvim/testdir/test_marks.vim b/src/nvim/testdir/test_marks.vim index b432b7bbbc..a7ccca498c 100644 --- a/src/nvim/testdir/test_marks.vim +++ b/src/nvim/testdir/test_marks.vim @@ -304,4 +304,17 @@ func Test_getmarklist() close! endfunc +" This was using freed memory +func Test_jump_mark_autocmd() + next 00 + edit 0 + sargument + au BufEnter 0 all + sil norm  + + au! BufEnter + bwipe! +endfunc + + " vim: shiftwidth=2 sts=2 expandtab
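Review bot: The comment added in the second mark.c hunk, above `curwin->w_cursor = fm->mark;`, has a typo ("my") and an unclear "it": the assignment copies the whole mark position rather than only lnum, and what autocommands can have changed at this point is the cursor, not the value being read. In the first hunk's context `fm` is repointed at `fm_copy` before `switch_to_mark_buf()`, which is what makes this later read safe from the freed-memory problem named in the commit message, and the comment is the natural place to say so. I would write `// Set the cursor again; autocommands may have moved it (fm is the local copy if the buffer was switched)`. The branch that performs the copy starts outside the hunk, so whether `fm` is always the copy here cannot be confirmed from these lines.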
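Review bot: Test_jump_mark_autocmd has no assertion, so it can only fail by crashing or by tripping a memory checker, and the header comment `" This was using freed memory` does not tell the next reader that. I would extend it to `" This was using freed memory when a BufEnter autocmd ran during a mark jump.` followed by `" Passes by not crashing; most meaningful under ASan or Valgrind.` The key sequence after `sil norm` seems to have lost a control character in this rendering, so the exact jump command should be checked against the upstream Vim patch before relying on that wording.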