patch 9.0.1857: [security] heap-use-after-free in is_qf_win() Problem: heap-use-after-free in is_qf_win() Solution: Check buffer is valid before accessing it Signed-off-by: Christian Brabandt <cb@256bit.org>

commit: fc68299d436cf87453e432daa77b6d545df4d7ed [log] [tgz]
author: Christian Brabandt <cb@256bit.org> Sun Sep 03 20:20:52 2023 +0200
committer: Christian Brabandt <cb@256bit.org> Sun Sep 03 20:20:52 2023 +0200
tree: de179fbfbc61e6d9f59d2343f777f2cb83c55fff
parent: aa90d4f031f73a34aaef5746931ea746849a2231 [diff] [blame]
diff --git a/src/quickfix.c b/src/quickfix.c
index aa431ea..a3d3e8f 100644
--- a/src/quickfix.c
+++ b/src/quickfix.c

@@ -4492,7 +4492,7 @@
     // set to NULL.
     // A window displaying a location list buffer will have the w_llist_ref
     // pointing to the location list.
-    if (bt_quickfix(win->w_buffer))
+    if (buf_valid(win->w_buffer) && bt_quickfix(win->w_buffer))
 	if ((IS_QF_STACK(qi) && win->w_llist_ref == NULL)
 		|| (IS_LL_STACK(qi) && win->w_llist_ref == qi))
 	    return TRUE;
commit	fc68299d436cf87453e432daa77b6d545df4d7ed	[log] [tgz]
author	Christian Brabandt <cb@256bit.org>	Sun Sep 03 20:20:52 2023 +0200
committer	Christian Brabandt <cb@256bit.org>	Sun Sep 03 20:20:52 2023 +0200
tree	de179fbfbc61e6d9f59d2343f777f2cb83c55fff
parent	aa90d4f031f73a34aaef5746931ea746849a2231 [diff] [blame]