patch 8.1.2018: using freed memory when out of memory and displaying message Problem: Using freed memory when out of memory and displaying message. Solution: Make a copy of the message first.

commit: e5fbd7393067c279860598ac8359d1617b1082b9 [log] [tgz]
author: Bram Moolenaar <Bram@vim.org> Mon Sep 09 20:04:13 2019 +0200
committer: Bram Moolenaar <Bram@vim.org> Mon Sep 09 20:04:13 2019 +0200
tree: 2b7d0d632f24b3659717bccf8c4d9e70f2c1f95b
parent: 96e38a86a710fb6daec4550ac1667f019dc3a40e [diff] [blame]
diff --git a/src/main.c b/src/main.c
index 1eb4911..6fe581c 100644
--- a/src/main.c
+++ b/src/main.c

@@ -1276,16 +1276,19 @@
 	    /* display message after redraw */
 	    if (keep_msg != NULL)
 	    {
-		char_u *p;
+		char_u *p = vim_strsave(keep_msg);
 
-		// msg_attr_keep() will set keep_msg to NULL, must free the
-		// string here. Don't reset keep_msg, msg_attr_keep() uses it
-		// to check for duplicates.  Never put this message in history.
-		p = keep_msg;
-		msg_hist_off = TRUE;
-		msg_attr((char *)p, keep_msg_attr);
-		msg_hist_off = FALSE;
-		vim_free(p);
+		if (p != NULL)
+		{
+		    // msg_start() will set keep_msg to NULL, make a copy
+		    // first.  Don't reset keep_msg, msg_attr_keep() uses it to
+		    // check for duplicates.  Never put this message in
+		    // history.
+		    msg_hist_off = TRUE;
+		    msg_attr((char *)p, keep_msg_attr);
+		    msg_hist_off = FALSE;
+		    vim_free(p);
+		}
 	    }
 	    if (need_fileinfo)		/* show file info after redraw */
 	    {
commit	e5fbd7393067c279860598ac8359d1617b1082b9	[log] [tgz]
author	Bram Moolenaar <Bram@vim.org>	Mon Sep 09 20:04:13 2019 +0200
committer	Bram Moolenaar <Bram@vim.org>	Mon Sep 09 20:04:13 2019 +0200
tree	2b7d0d632f24b3659717bccf8c4d9e70f2c1f95b
parent	96e38a86a710fb6daec4550ac1667f019dc3a40e [diff] [blame]