Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_vim / 2050dcc20f99b3440199f4fbe60581e2ad8dac97^! / . / src
commit2050dcc20f99b3440199f4fbe60581e2ad8dac97[log] [tgz]
authorYegappan Lakshmanan <yegappan@yahoo.com>Mon Jan 06 18:34:49 2025 +0100
committerChristian Brabandt <cb@256bit.org>Mon Jan 06 18:34:49 2025 +0100
tree410e655fae6151623bfb3c03bb42aa1804858de2
parent6655bef33047b826e0ccb8c686f3f57e47161b1c [diff]
patch 9.1.0992: Vim9: double-free after v9.1.0988

Problem:  Vim9: double-free after v9.1.0988
          (h-east)
Solution: clear typval pointer, before setting the type
          (Yegappan Lakshmanan)

Otherwise the contents are still referring to some other value.

fixes: #16386
closes: #16388

Signed-off-by: Yegappan Lakshmanan <yegappan@yahoo.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>

diff --git a/src/testdir/test_vim9_class.vim b/src/testdir/test_vim9_class.vim
index c7a0fbe..0c11c07 100644
--- a/src/testdir/test_vim9_class.vim
+++ b/src/testdir/test_vim9_class.vim

@@ -11839,4 +11839,31 @@
   v9.CheckSourceFailure(lines, "E1430: Uninitialized object variable 'x' referenced")
 enddef
 
+" Test for initializing member variables of compound type in the constructor
+def Test_constructor_init_compound_member_var()
+  var lines =<< trim END
+    vim9script
+
+    class Foo
+      var v1: string = "aaa"
+      var v2: list<number> = [1, 2]
+      var v3: dict<string> = {a: 'a', b: 'b'}
+    endclass
+
+    class Bar
+      var v4: string = "bbb"
+      var v5: Foo = Foo.new()
+      var v6: list<number> = [1, 2]
+    endclass
+
+    var b: Bar = Bar.new()
+    assert_equal("aaa", b.v5.v1)
+    assert_equal([1, 2], b.v5.v2)
+    assert_equal({a: 'a', b: 'b'}, b.v5.v3)
+    assert_equal("bbb", b.v4)
+    assert_equal([1, 2], b.v6)
+  END
+  v9.CheckSourceSuccess(lines)
+enddef
+
 " vim: ts=8 sw=2 sts=2 expandtab tw=80 fdm=marker

diff --git a/src/version.c b/src/version.c
index dc04ffc..e8feb96 100644
--- a/src/version.c
+++ b/src/version.c

@@ -705,6 +705,8 @@
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    992,
+/**/
     991,
 /**/
     990,

diff --git a/src/vim9execute.c b/src/vim9execute.c
index dde95b5..d696280 100644
--- a/src/vim9execute.c
+++ b/src/vim9execute.c

@@ -4855,6 +4855,7 @@
 					+ iptr->isn_arg.jumparg.jump_arg_off
 					+ STACK_FRAME_SIZE;
 		    type_T *t = ufunc->uf_arg_types[argidx];
+		    CLEAR_POINTER(tv);
 		    tv->v_type = t->tt_type;
 		}