From 5bf6639e0fb5698a436efe5105fa5dc8714f67dc Mon Sep 17 00:00:00 2001
From: Eliseo Martínez <eliseomarmol@gmail.com>
Date: Mon, 10 Nov 2014 17:23:34 +0100
Subject: Fix warnings: message.c: delete_first_msg(): Np dereference: FP.

Problem    : Dereference of null pointer @ 693.
Diagnostic : False positive.
Rationale  : Error condition occurs if `delete_first_msg` is entered two
             consecutive times, the firt of which sets leaves history
             empty. But, in that case, second entrance should leave at
             the `return FAIL`, and thus cannot reach the pointer
             dereference.
Resolution : Assert history will be empty after first entrance.
---
 src/nvim/message.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/nvim/message.c b/src/nvim/message.c
index 58dbee8cf9..0e287268eb 100644
--- a/src/nvim/message.c
+++ b/src/nvim/message.c
@@ -12,6 +12,7 @@
 
 #define MESSAGE_FILE            /* don't include prototype for smsg() */
 
+#include <assert.h>
 #include <errno.h>
 #include <inttypes.h>
 #include <stdbool.h>
@@ -691,8 +692,10 @@ int delete_first_msg(void)
     return FAIL;
   p = first_msg_hist;
   first_msg_hist = p->next;
-  if (first_msg_hist == NULL)
-    last_msg_hist = NULL;      /* history is empty */
+  if (first_msg_hist == NULL) {  /* history is becoming empty */
+    assert(msg_hist_len == 1);
+    last_msg_hist = NULL;
+  }
   free(p->msg);
   free(p);
   --msg_hist_len;
-- 
cgit