commit 9abd5c6507154eabdfe8256940a24f090db0f533
author Bram Moolenaar <Bram@vim.org> Tue Feb 10 18:34:01 2015 +0100
committer Bram Moolenaar <Bram@vim.org> Tue Feb 10 18:34:01 2015 +0100
tree 6c0fa11749df309d529fc35a5fd68cafd16c80a6
parent a1d2c58985584116d20fa5e132137d8ff1a535f7

updated for version 7.4.624
Problem:    May leak memory or crash when vim_realloc() returns NULL.
Solution:   Handle a NULL value properly. (Mike Williams)

src/misc1.c

diff --git a/src/misc1.c b/src/misc1.c
index e3e7da8..707abf8 100644
--- a/src/misc1.c
+++ b/src/misc1.c
@@ -3431,10 +3431,14 @@
 	    buf = alloc(buflen);
 	else if (maxlen < 10)
 	{
+	    char_u  *t_buf = buf;
+
 	    /* Need some more space. This might happen when receiving a long
 	     * escape sequence. */
 	    buflen += 100;
 	    buf = vim_realloc(buf, buflen);
+	    if (buf == NULL)
+		vim_free(t_buf);
 	    maxlen = (buflen - 6 - len) / 3;
 	}
 	if (buf == NULL)