diff options
| author | Abdelhakeem Osama <abdelhakeem.osama@hotmail.com> | 2019-09-08 03:02:29 +0200 |
|---|---|---|
| committer | Justin M. Keyes <justinkz@gmail.com> | 2019-09-07 18:02:29 -0700 |
| commit | 6692c0958f476456b59cd9f36b35b1c5b3202145 (patch) | |
| tree | 9ff1ceb861bdae8cd3ed37352d6646db810d1d3a /src | |
| parent | 158b78062e9daa65203b4591dae733dd6c11ad2c (diff) | |
| download | rneovim-6692c0958f476456b59cd9f36b35b1c5b3202145.tar.gz rneovim-6692c0958f476456b59cd9f36b35b1c5b3202145.tar.bz2 rneovim-6692c0958f476456b59cd9f36b35b1c5b3202145.zip | |
shada: initialize jumplist before search pattern (#10964)
Since 8b8ecf4, the shada module loads files in the jumplist to properly
clear duplicates. This can trigger some autocommands, which in turn
saves and restores search and substitute patterns, freeing the previous
strings in "spats" which are held in "wms" as well (heap-use-after-free).
To avoid this, initialize the jumplist in "wms" before search patterns.
Diffstat (limited to 'src')
| -rw-r--r-- | src/nvim/shada.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/nvim/shada.c b/src/nvim/shada.c index 7e7e7cfdf7..4b34153164 100644 --- a/src/nvim/shada.c +++ b/src/nvim/shada.c @@ -2705,6 +2705,11 @@ static ShaDaWriteResult shada_write(ShaDaWriteDef *const sd_writer, } while (var_iter != NULL); } + // Initialize jump list + setpcmark(); + cleanup_jumplist(curwin, false); + wms->jumps_size = shada_init_jumps(wms->jumps, &removable_bufs); + const bool search_highlighted = !(no_hlsearch || find_shada_parameter('h') != NULL); const bool search_last_used = search_was_last_used(); @@ -2736,11 +2741,6 @@ static ShaDaWriteResult shada_write(ShaDaWriteDef *const sd_writer, }; } - // Initialize jump list - setpcmark(); - cleanup_jumplist(curwin, false); - wms->jumps_size = shada_init_jumps(wms->jumps, &removable_bufs); - // Initialize global marks if (dump_global_marks) { const void *global_mark_iter = NULL; |