From cc305213d78e282d9e8a43106491d033e990ccdc Mon Sep 17 00:00:00 2001 From: Björn Linse Date: Tue, 2 Oct 2018 13:46:53 +0200 Subject: TUI: always use safe cursor movement after resize The old code could lead to a memory error in the following situation: 0. The previous cursor position was row 50 since before, on a grid larger than 50 rows. 1. grid_resize changes the grid height to 40, and invalidly assumes the resize moved the physical cursor to row 0 2. Some event used a operation that could move the cursor (such as clear), and then reset the cursor to the "true" position row 50 (pointless after #8221, but I forgot to remove it) 3. raw_line/cheap_to_print is invoked, and tries to inspect the grid at row 50 (memory error) 4. grid_cursor_goto would have been called at this point, and set a valid cursor position 0-39. --- src/nvim/ugrid.c | 1 - 1 file changed, 1 deletion(-) (limited to 'src/nvim/ugrid.c') diff --git a/src/nvim/ugrid.c b/src/nvim/ugrid.c index e2b92d7112..b741a61d8c 100644 --- a/src/nvim/ugrid.c +++ b/src/nvim/ugrid.c @@ -32,7 +32,6 @@ void ugrid_resize(UGrid *grid, int width, int height) grid->cells[i] = xcalloc((size_t)width, sizeof(UCell)); } - grid->row = grid->col = 0; grid->width = width; grid->height = height; } -- cgit