mirror of
https://github.com/neovim/neovim.git
synced 2024-12-25 05:35:10 -07:00
6af359ef4c
Problem: [security] use-after-free in tagstack_clear_entry
(Suyue Guo )
Solution: Instead of manually calling vim_free() on each of the tagstack
entries, let's use tagstack_clear_entry(), which will
also free the stack, but using the VIM_CLEAR macro,
which prevents a use-after-free by setting those pointers
to NULL
This addresses CVE-2024-41957
Github advisory:
https://github.com/vim/vim/security/advisories/GHSA-f9cr-gv85-hcr4
8a0bbe7b8a
Co-authored-by: Christian Brabandt <cb@256bit.org>
561 B
561 B