patch 8.0.0084
Problem: Using freed memory when adding to a quickfix list. (Domenique
Pelle)
Solution: Clear the directory name.
diff --git a/src/quickfix.c b/src/quickfix.c
index 58c4227..df35163 100644
--- a/src/quickfix.c
+++ b/src/quickfix.c
@@ -1617,7 +1617,7 @@
static bufref_T qf_last_bufref = {NULL, 0};
/*
- * Get buffer number for file "directory.fname".
+ * Get buffer number for file "directory/fname".
* Also sets the b_has_qf_entry flag.
*/
static int
@@ -2711,7 +2711,9 @@
qi->qf_lists[idx].qf_index = 0;
qf_clean_dir_stack(&qi->qf_dir_stack);
+ qi->qf_directory = NULL;
qf_clean_dir_stack(&qi->qf_file_stack);
+ qi->qf_currfile = NULL;
}
/*
diff --git a/src/testdir/test_quickfix.vim b/src/testdir/test_quickfix.vim
index 98afdb1..13c1482 100644
--- a/src/testdir/test_quickfix.vim
+++ b/src/testdir/test_quickfix.vim
@@ -1669,3 +1669,25 @@
call assert_fails('caddexpr ""', 'E376:')
let &efm = save_efm
endfunc
+
+func Test_dirstack_cleanup()
+ " This used to cause a memory access in freed memory.
+ let save_efm = &efm
+ lexpr '0'
+ lopen
+ fun X(c)
+ let save_efm=&efm
+ set efm=%D%f
+ if a:c == 'c'
+ caddexpr '::'
+ else
+ laddexpr ':0:0'
+ endif
+ let &efm=save_efm
+ endfun
+ call X('c')
+ call X('l')
+ call setqflist([], 'r')
+ caddbuffer
+ let &efm = save_efm
+endfunc
diff --git a/src/version.c b/src/version.c
index c7f00a8..c4013e7 100644
--- a/src/version.c
+++ b/src/version.c
@@ -765,6 +765,8 @@
static int included_patches[] =
{ /* Add new patch number below this line */
/**/
+ 84,
+/**/
83,
/**/
82,