From a701b3b6f0f06ac0c9fcc75c6c34a1258fc3b1a2 Mon Sep 17 00:00:00 2001 From: Bram Moolenaar Date: Thu, 20 Apr 2017 22:57:27 +0200 Subject: patch 8.0.0575: using freed memory when resetting 'indentexpr' Problem: Using freed memory when resetting 'indentexpr' while evaluating it. (Dominique Pelle) Solution: Make a copy of 'indentexpr'. --- src/misc1.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'src/misc1.c') diff --git a/src/misc1.c b/src/misc1.c index 951467d94..1a220e1eb 100644 --- a/src/misc1.c +++ b/src/misc1.c @@ -9252,6 +9252,7 @@ find_match(int lookfor, linenr_T ourscope) get_expr_indent(void) { int indent; + char_u *inde_copy; pos_T save_pos; colnr_T save_curswant; int save_set_curswant; @@ -9268,7 +9269,16 @@ get_expr_indent(void) if (use_sandbox) ++sandbox; ++textlock; - indent = (int)eval_to_number(curbuf->b_p_inde); + + /* Need to make a copy, the 'indentexpr' option could be changed while + * evaluating it. */ + inde_copy = vim_strsave(curbuf->b_p_inde); + if (inde_copy != NULL) + { + indent = (int)eval_to_number(inde_copy); + vim_free(inde_copy); + } + if (use_sandbox) --sandbox; --textlock; -- cgit v1.2.1