From 771564b00e5b64ac74be443dde84e160bc7fce05 Mon Sep 17 00:00:00 2001
From: zeertzjq <zeertzjq@outlook.com>
Date: Mon, 25 Jul 2022 20:09:23 +0800
Subject: vim-patch:8.2.5164: invalid memory access after diff buffer
 manipulations

Problem:    Invalid memory access after diff buffer manipulations.
Solution:   Use zero offset when change removes all lines in a diff block.
https://github.com/vim/vim/commit/c101abff4c6756db4f5e740fde289decb9452efa
---
 src/nvim/diff.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

(limited to 'src/nvim/diff.c')

diff --git a/src/nvim/diff.c b/src/nvim/diff.c
index 136fc5402b..55d8b7e36b 100644
--- a/src/nvim/diff.c
+++ b/src/nvim/diff.c
@@ -372,9 +372,8 @@ static void diff_mark_adjust_tp(tabpage_T *tp, int idx, linenr_T line1, linenr_T
 
         // 2. 3. 4. 5.: inserted/deleted lines touching this diff.
         if (deleted > 0) {
+          off = 0;
           if (dp->df_lnum[idx] >= line1) {
-            off = dp->df_lnum[idx] - lnum_deleted;
-
             if (last <= line2) {
               // 4. delete all lines of diff
               if ((dp->df_next != NULL)
@@ -391,14 +390,13 @@ static void diff_mark_adjust_tp(tabpage_T *tp, int idx, linenr_T line1, linenr_T
               dp->df_count[idx] = 0;
             } else {
               // 5. delete lines at or just before top of diff
+              off = dp->df_lnum[idx] - lnum_deleted;
               n = off;
               dp->df_count[idx] -= line2 - dp->df_lnum[idx] + 1;
               check_unchanged = true;
             }
             dp->df_lnum[idx] = line1;
           } else {
-            off = 0;
-
             if (last < line2) {
               // 2. delete at end of diff
               dp->df_count[idx] -= last - lnum_deleted + 1;
-- 
cgit