vim-patch:9.1.0728: [security]: heap-use-after-free in garbage collection with location list user data (#30377)

Problem: heap-use-after-free in garbage collection with location list user data. Solution: Mark user data as in use when no other window is referencing the location list (zeertzjq) fixes: neovim/neovim#30371 closes: vim/vim#15683 https://github.com/vim/vim/commit/be4bd189d23854ddf1d85ad291d8f7ad3f22b7a0
author: zeertzjq <zeertzjq@outlook.com> 2024-09-14 19:38:33 +0800
committer: GitHub <noreply@github.com> 2024-09-14 19:38:33 +0800
commit: 325d349f9da4518447ed34b327c261bfa56fc268 (patch)
tree: 731ac1ad5b4e0168f13ffcfd7c235b403192ec18 /src/nvim/quickfix.c
parent: f2173b1aa2bec63aa982794ffde806090ab5b680 (diff)
download: rneovim-325d349f9da4518447ed34b327c261bfa56fc268.tar.gz
rneovim-325d349f9da4518447ed34b327c261bfa56fc268.tar.bz2
rneovim-325d349f9da4518447ed34b327c261bfa56fc268.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/nvim/quickfix.c b/src/nvim/quickfix.c
index a549e12adc..e7d2da2fc6 100644
--- a/src/nvim/quickfix.c
+++ b/src/nvim/quickfix.c
@@ -6875,7 +6875,8 @@ bool set_ref_in_quickfix(int copyID)
       // In a location list window and none of the other windows is
       // referring to this location list. Mark the location list
       // context as still in use.
-      if (mark_quickfix_ctx(win->w_llist_ref, copyID)) {
+      if (mark_quickfix_ctx(win->w_llist_ref, copyID)
+          || mark_quickfix_user_data(win->w_llist_ref, copyID)) {
         return true;
       }
     }
author	zeertzjq <zeertzjq@outlook.com>	2024-09-14 19:38:33 +0800
committer	GitHub <noreply@github.com>	2024-09-14 19:38:33 +0800
commit	325d349f9da4518447ed34b327c261bfa56fc268 (patch)
tree	731ac1ad5b4e0168f13ffcfd7c235b403192ec18 /src/nvim/quickfix.c
parent	f2173b1aa2bec63aa982794ffde806090ab5b680 (diff)
download	rneovim-325d349f9da4518447ed34b327c261bfa56fc268.tar.gz rneovim-325d349f9da4518447ed34b327c261bfa56fc268.tar.bz2 rneovim-325d349f9da4518447ed34b327c261bfa56fc268.zip