mirror of
https://github.com/neovim/neovim.git
synced 2024-12-31 17:13:26 -07:00
1fda01fa55
Problem: [security] use-after-free in tagstack_clear_entry
(Suyue Guo )
Solution: Instead of manually calling vim_free() on each of the tagstack
entries, let's use tagstack_clear_entry(), which will
also free the stack, but using the VIM_CLEAR macro,
which prevents a use-after-free by setting those pointers
to NULL
This addresses CVE-2024-41957
Github advisory:
https://github.com/vim/vim/security/advisories/GHSA-f9cr-gv85-hcr4
8a0bbe7b8a
Co-authored-by: Christian Brabandt <cb@256bit.org>
(cherry picked from commit 6af359ef4c)
561 B
561 B