patch 8.2.4782: accessing freed memory
Problem: Accessing freed memory.
Solution: Clear evalarg after checking for trailing characters.
(issue #10218)
diff --git a/src/userfunc.c b/src/userfunc.c
index 155c4ff..f3ba771 100644
--- a/src/userfunc.c
+++ b/src/userfunc.c
@@ -5529,7 +5529,6 @@
}
if (eap->skip)
--emsg_skip;
- clear_evalarg(&evalarg, eap);
// When inside :try we need to check for following "| catch" or "| endtry".
// Not when there was an error, but do check if an exception was thrown.
@@ -5549,6 +5548,8 @@
else
set_nextcmd(eap, arg);
}
+ // Must be after using "arg", it may point into memory cleared here.
+ clear_evalarg(&evalarg, eap);
end:
dict_unref(fudi.fd_dict);
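Review bot: The relocated `clear_evalarg(&evalarg, eap);` sits directly above the `end:` label, so any earlier `goto end` skips it. Those jumps are outside this hunk, so check that none of them runs after `evalarg` has been filled; otherwise what it holds is not released on that path. For the visible lines the new ordering is consistent: the last use of `arg` is `set_nextcmd(eap, arg)`, which now precedes the clear. Because `set_nextcmd` is handed `arg`, also confirm that anything `eap` retains from it stays valid after the clear, and record that in the comment, e.g. `// Must be after the last use of "arg" (including set_nextcmd()), it may point into memory cleared here.` The enclosing function starts and ends outside the hunk.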