patch 9.0.1830: Vim9: crash when accessing a null object
Problem: Vim9: crash when accessing a null object
Solution: Check accessing a NULL object in def function
An object is NULL when the variable is declared, but the constructor
isn't called. Accessing/setting a member on the object crashed Vim.
Note: this happens inside def functions, at script level things work
differently. Accessing a NULL object member results in E1360
(correctly), while setting a value on it results in E1012 (type
mismatch) so there's still something to fix.
closes: #12973
Signed-off-by: Christian Brabandt <cb@256bit.org>
Co-authored-by: Gianmaria Bajo <mg1979.git@gmail.com>
diff --git a/src/testdir/test_vim9_class.vim b/src/testdir/test_vim9_class.vim
index 98db71d..c859ee4 100644
--- a/src/testdir/test_vim9_class.vim
+++ b/src/testdir/test_vim9_class.vim
@@ -1180,6 +1180,61 @@
END
v9.CheckScriptFailure(lines, 'E1010:')
+ # Test for setting a member on a null object
+ lines =<< trim END
+ vim9script
+ class A
+ this.val: string
+ endclass
+
+ def F()
+ var obj: A
+ obj.val = ""
+ enddef
+ F()
+ END
+ v9.CheckScriptFailure(lines, 'E1360: Using a null object')
+
+ # Test for accessing a member on a null object
+ lines =<< trim END
+ vim9script
+ class A
+ this.val: string
+ endclass
+
+ def F()
+ var obj: A
+ echo obj.val
+ enddef
+ F()
+ END
+ v9.CheckScriptFailure(lines, 'E1360: Using a null object')
+
+ # Test for setting a member on a null object, at script level
+ lines =<< trim END
+ vim9script
+ class A
+ this.val: string
+ endclass
+
+ var obj: A
+ obj.val = ""
+ END
+ # FIXME(in source): this should give E1360 as well!
+ v9.CheckScriptFailure(lines, 'E1012: Type mismatch; expected object<A> but got string')
+
+ # Test for accessing a member on a null object, at script level
+ lines =<< trim END
+ vim9script
+ class A
+ this.val: string
+ endclass
+
+ var obj: A
+ echo obj.val
+ END
+ v9.CheckScriptFailure(lines, 'E1360: Using a null object')
+
# Test for no space before or after the '=' when initializing a member
# variable
lines =<< trim END
diff --git a/src/version.c b/src/version.c
index 634d655..3aa10c6 100644
--- a/src/version.c
+++ b/src/version.c
@@ -700,6 +700,8 @@
static int included_patches[] =
{ /* Add new patch number below this line */
/**/
+ 1830,
+/**/
1829,
/**/
1828,
diff --git a/src/vim9execute.c b/src/vim9execute.c
index 2eb6ba4..b26934d 100644
--- a/src/vim9execute.c
+++ b/src/vim9execute.c
@@ -2147,7 +2147,14 @@
// -1 dict, list, blob or object
tv = STACK_TV_BOT(-3);
SOURCING_LNUM = iptr->isn_lnum;
- if (dest_type == VAR_ANY)
+
+ // Make sure an object has been initialized
+ if (dest_type == VAR_OBJECT && tv_dest->vval.v_object == NULL)
+ {
+ emsg(_(e_using_null_object));
+ status = FAIL;
+ }
+ else if (dest_type == VAR_ANY)
{
dest_type = tv_dest->v_type;
if (dest_type == VAR_DICT)
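Review bot: The new null-object guard only fires when the instruction's static `dest_type` is `VAR_OBJECT`; in the `else if (dest_type == VAR_ANY)` branch the type is resolved at run time from `tv_dest->v_type`, so as far as this hunk shows a NULL object arriving on that path is not rejected. Testing the runtime value instead, `if (tv_dest->v_type == VAR_OBJECT && tv_dest->vval.v_object == NULL)`, would cover both paths and would also ensure `vval.v_object` is read only when the union really holds an object. The tests added in test_vim9_class.vim all declare `var obj: A`, so a case whose destination type is known only at run time would confirm whether the crash is fully closed. `tv_dest` is assigned above the hunk and the store itself follows below it, so whether the `VAR_ANY` path can reach a member store with a NULL object needs checking against the rest of the function.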