To: vim_dev@googlegroups.com Subject: Patch 8.1.0437 Fcc: outbox From: Bram Moolenaar Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ------------ Patch 8.1.0437 Problem: May access freed memory when syntax HL times out. (Philipp Gesang) Solution: Clear b_sst_first when clearing b_sst_array. Files: src/syntax.c *** ../vim-8.1.0436/src/syntax.c 2018-09-10 21:04:09.872392623 +0200 --- src/syntax.c 2018-09-28 22:18:50.261769939 +0200 *************** *** 1192,1197 **** --- 1192,1198 ---- for (p = block->b_sst_first; p != NULL; p = p->sst_next) clear_syn_state(p); VIM_CLEAR(block->b_sst_array); + block->b_sst_first = NULL; block->b_sst_len = 0; } } *************** *** 1323,1331 **** synstate_T *p, *prev, *np; linenr_T n; - if (block->b_sst_array == NULL) /* nothing to do */ - return; - prev = NULL; for (p = block->b_sst_first; p != NULL; ) { --- 1324,1329 ---- *************** *** 1378,1384 **** int dist; int retval = FALSE; ! if (syn_block->b_sst_array == NULL || syn_block->b_sst_first == NULL) return retval; /* Compute normal distance between non-displayed entries. */ --- 1376,1382 ---- int dist; int retval = FALSE; ! if (syn_block->b_sst_first == NULL) return retval; /* Compute normal distance between non-displayed entries. */ *** ../vim-8.1.0436/src/version.c 2018-09-25 22:27:31.958075001 +0200 --- src/version.c 2018-09-28 22:18:00.054149809 +0200 *************** *** 796,797 **** --- 796,799 ---- { /* Add new patch number below this line */ + /**/ + 437, /**/ -- hundred-and-one symptoms of being an internet addict: 109. You actually read -- and enjoy -- lists like this. /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ \\\ an exciting new programming language -- http://www.Zimbu.org /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///