patch 8.0.0575: using freed memory when resetting 'indentexpr' Problem: Using freed memory when resetting 'indentexpr' while evaluating it. (Dominique Pelle) Solution: Make a copy of 'indentexpr'.

commit: a701b3b6f0f06ac0c9fcc75c6c34a1258fc3b1a2 [log] [tgz]
author: Bram Moolenaar <Bram@vim.org> Thu Apr 20 22:57:27 2017 +0200
committer: Bram Moolenaar <Bram@vim.org> Thu Apr 20 22:57:27 2017 +0200
tree: 23d623833093529287f373c9428ebad70ddb6835
parent: 99895eac1cf71be43ece7e14b50e206e041fbe9f [diff] [blame]
diff --git a/src/misc1.c b/src/misc1.c
index 951467d..1a220e1 100644
--- a/src/misc1.c
+++ b/src/misc1.c

@@ -9252,6 +9252,7 @@
 get_expr_indent(void)
 {
     int		indent;
+    char_u	*inde_copy;
     pos_T	save_pos;
     colnr_T	save_curswant;
     int		save_set_curswant;
@@ -9268,7 +9269,16 @@
     if (use_sandbox)
 	++sandbox;
     ++textlock;
-    indent = (int)eval_to_number(curbuf->b_p_inde);
+
+    /* Need to make a copy, the 'indentexpr' option could be changed while
+     * evaluating it. */
+    inde_copy = vim_strsave(curbuf->b_p_inde);
+    if (inde_copy != NULL)
+    {
+	indent = (int)eval_to_number(inde_copy);
+	vim_free(inde_copy);
+    }
+
     if (use_sandbox)
 	--sandbox;
     --textlock;
commit	a701b3b6f0f06ac0c9fcc75c6c34a1258fc3b1a2	[log] [tgz]
author	Bram Moolenaar <Bram@vim.org>	Thu Apr 20 22:57:27 2017 +0200
committer	Bram Moolenaar <Bram@vim.org>	Thu Apr 20 22:57:27 2017 +0200
tree	23d623833093529287f373c9428ebad70ddb6835
parent	99895eac1cf71be43ece7e14b50e206e041fbe9f [diff] [blame]