Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_vim / a929c922b1cb7c84ad1b5d1d0fc9a4f7c68ab8e0^! / . / src
commita929c922b1cb7c84ad1b5d1d0fc9a4f7c68ab8e0[log] [tgz]
authorBram Moolenaar <Bram@vim.org>Mon Apr 18 15:21:17 2022 +0100
committerBram Moolenaar <Bram@vim.org>Mon Apr 18 15:21:17 2022 +0100
treec5f21ae7e809da70c6d5f254ed5f6cd67bfa833c
parentd0a20c9d111da75febb60ffee2e15f727ab6a5ad [diff]
patch 8.2.4782: accessing freed memory

Problem:    Accessing freed memory.
Solution:   Clear evalarg after checking for trailing characters.
            (issue #10218)

diff --git a/src/testdir/test_lambda.vim b/src/testdir/test_lambda.vim
index 8d06e59..7726629 100644
--- a/src/testdir/test_lambda.vim
+++ b/src/testdir/test_lambda.vim

@@ -1,6 +1,7 @@
 " Test for lambda and closure
 
 source check.vim
+import './vim9.vim' as v9
 
 func Test_lambda_feature()
   call assert_equal(1, has('lambda'))
@@ -54,6 +55,21 @@
   call assert_true(s:n > m)
 endfunc
 
+func Test_lambda_vim9cmd_linebreak()
+  CheckFeature timers
+
+  let lines =<< trim END
+      vim9cmd call timer_start(10, (x) => {
+          # comment
+          g:result = 'done'
+         })
+  END
+  call v9.CheckScriptSuccess(lines)
+  sleep 50m
+  call assert_equal('done', g:result)
+  unlet g:result
+endfunc
+
 func Test_lambda_with_partial()
   let l:Cb = function({... -> ['zero', a:1, a:2, a:3]}, ['one', 'two'])
   call assert_equal(['zero', 'one', 'two', 'three'], l:Cb('three'))

diff --git a/src/userfunc.c b/src/userfunc.c
index 155c4ff..f3ba771 100644
--- a/src/userfunc.c
+++ b/src/userfunc.c

@@ -5529,7 +5529,6 @@
     }
     if (eap->skip)
 	--emsg_skip;
-    clear_evalarg(&evalarg, eap);
 
     // When inside :try we need to check for following "| catch" or "| endtry".
     // Not when there was an error, but do check if an exception was thrown.
@@ -5549,6 +5548,8 @@
 	else
 	    set_nextcmd(eap, arg);
     }
+    // Must be after using "arg", it may point into memory cleared here.
+    clear_evalarg(&evalarg, eap);
 
 end:
     dict_unref(fudi.fd_dict);

diff --git a/src/version.c b/src/version.c
index eb05f88..7f792d2 100644
--- a/src/version.c
+++ b/src/version.c

@@ -747,6 +747,8 @@
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    4782,
+/**/
     4781,
 /**/
     4780,