From eaccd0decd707ff7cec318e06914f963daa9574c Mon Sep 17 00:00:00 2001
From: zeertzjq <zeertzjq@outlook.com>
Date: Thu, 9 Mar 2023 08:15:06 +0800
Subject: vim-patch:9.0.1392: using NULL pointer with nested :open command
 (#22583)

Problem:    Using NULL pointer with nested :open command.
Solution:   Check that ccline.cmdbuff is not NULL.

https://github.com/vim/vim/commit/7ac5023a5f1a37baafbe1043645f97ba3443d9f6

Co-authored-by: Bram Moolenaar <Bram@vim.org>
---
 src/nvim/getchar.c | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

(limited to 'src')

diff --git a/src/nvim/getchar.c b/src/nvim/getchar.c
index 183fd5e19f..ea541dbca4 100644
--- a/src/nvim/getchar.c
+++ b/src/nvim/getchar.c
@@ -2345,7 +2345,7 @@ void check_end_reg_executing(bool advance)
 /// K_SPECIAL may be escaped, need to get two more bytes then.
 static int vgetorpeek(bool advance)
 {
-  int c, c1;
+  int c;
   bool timedout = false;  // waited for more than 'timeoutlen'
                           // for mapping to complete or
                           // 'ttimeoutlen' for complete key code
@@ -2639,7 +2639,7 @@ static int vgetorpeek(bool advance)
         // input from the user), show the partially matched characters
         // to the user with showcmd.
         int showcmd_idx = 0;
-        c1 = 0;
+        bool showing_partial = false;
         if (typebuf.tb_len > 0 && advance && !exmode_active) {
           if (((State & (MODE_NORMAL | MODE_INSERT)) || State == MODE_LANGMAP)
               && State != MODE_HITRETURN) {
@@ -2648,7 +2648,7 @@ static int vgetorpeek(bool advance)
                 && ptr2cells((char *)typebuf.tb_buf + typebuf.tb_off + typebuf.tb_len - 1) == 1) {
               edit_putchar(typebuf.tb_buf[typebuf.tb_off + typebuf.tb_len - 1], false);
               setcursor();  // put cursor back where it belongs
-              c1 = 1;
+              showing_partial = true;
             }
             // need to use the col and row from above here
             old_wcol = curwin->w_wcol;
@@ -2666,12 +2666,15 @@ static int vgetorpeek(bool advance)
             curwin->w_wrow = old_wrow;
           }
 
-          // this looks nice when typing a dead character map
-          if ((State & MODE_CMDLINE) && cmdline_star == 0) {
+          // This looks nice when typing a dead character map.
+          // There is no actual command line for get_number().
+          if ((State & MODE_CMDLINE)
+              && get_cmdline_info()->cmdbuff != NULL
+              && cmdline_star == 0) {
             char *p = (char *)typebuf.tb_buf + typebuf.tb_off + typebuf.tb_len - 1;
             if (ptr2cells(p) == 1 && (uint8_t)(*p) < 128) {
               putcmdline(*p, false);
-              c1 = 1;
+              showing_partial = true;
             }
           }
         }
@@ -2704,11 +2707,12 @@ static int vgetorpeek(bool advance)
         if (showcmd_idx != 0) {
           pop_showcmd();
         }
-        if (c1 == 1) {
+        if (showing_partial == 1) {
           if (State & MODE_INSERT) {
             edit_unputchar();
           }
-          if (State & MODE_CMDLINE) {
+          if ((State & MODE_CMDLINE)
+              && get_cmdline_info()->cmdbuff != NULL) {
             unputcmdline();
           } else {
             setcursor();  // put cursor back where it belongs
-- 
cgit