patch 8.2.1787: crash with 'incsearch' and very long line
Problem: Crash with 'incsearch' and very long line.
Solution: Check whether regprog becomes NULL. (closes #7063)
diff --git a/src/search.c b/src/search.c
index badf793..fd66838 100644
--- a/src/search.c
+++ b/src/search.c
@@ -759,6 +759,9 @@
NULL, NULL
#endif
);
+ // vim_regexec_multi() may clear "regprog"
+ if (regmatch.regprog == NULL)
+ break;
// Abort searching on an error (e.g., out of stack).
if (called_emsg > called_emsg_before
#ifdef FEAT_RELTIME
@@ -858,6 +861,9 @@
match_ok = FALSE;
break;
}
+ // vim_regexec_multi() may clear "regprog"
+ if (regmatch.regprog == NULL)
+ break;
matchpos = regmatch.startpos[0];
endpos = regmatch.endpos[0];
# ifdef FEAT_EVAL
@@ -972,6 +978,9 @@
#endif
break;
}
+ // vim_regexec_multi() may clear "regprog"
+ if (regmatch.regprog == NULL)
+ break;
// Need to get the line pointer again, a
// multi-line search may have made it invalid.
@@ -1065,6 +1074,10 @@
}
at_first_line = FALSE;
+ // vim_regexec_multi() may clear "regprog"
+ if (regmatch.regprog == NULL)
+ break;
+
/*
* Stop the search if wrapscan isn't set, "stop_lnum" is
* specified, after an interrupt, after a match and after looping
@@ -2911,7 +2924,8 @@
pos.lnum, regmatch.startpos[0].col, NULL, NULL);
if (nmatched != 0)
break;
- } while (direction == FORWARD ? regmatch.startpos[0].col < pos.col
+ } while (regmatch.regprog != NULL
+ && direction == FORWARD ? regmatch.startpos[0].col < pos.col
: regmatch.startpos[0].col > pos.col);
if (called_emsg == called_emsg_before)