From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 2550 invoked by alias); 21 Jun 2015 12:27:48 -0000 Mailing-List: contact zsh-workers-help@zsh.org; run by ezmlm Precedence: bulk X-No-Archive: yes List-Id: Zsh Workers List List-Post: List-Help: X-Seq: 35550 Received: (qmail 28142 invoked from network); 21 Jun 2015 12:27:46 -0000 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on f.primenet.com.au X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.0 X-Biglobe-Sender: Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Subject: Re: [PATCH] allocate origline by ztrdup(), not by dupstring() From: "Jun T." In-Reply-To: <24973.1434473665@thecus.kiddle.eu> Date: Sun, 21 Jun 2015 20:53:49 +0900 Content-Transfer-Encoding: 7bit Message-Id: <4F8A1056-198B-4CF1-A167-7C3060F77B10@kba.biglobe.ne.jp> References: <1000D010-B07A-4F19-A566-8CA95B061D58@kba.biglobe.ne.jp> <24973.1434473665@thecus.kiddle.eu> To: zsh-workers@zsh.org X-Mailer: Apple Mail (2.1878.6) X-Biglobe-Spnum: 63289 2015/06/17 01:54, Oliver Kiddle wrote: > This part is run when pressing backspace, it seems to always be the case > that origline == u->origline before this block runs. So it is copying freed > memory. Backspace (in the interactive mode) seems to work as expected with the following patch. Does this look reasonable? diff --git a/Src/Zle/complist.c b/Src/Zle/complist.c index 0f73181..ccee9a7 100644 --- a/Src/Zle/complist.c +++ b/Src/Zle/complist.c @@ -2655,7 +2655,7 @@ domenuselect(Hookdef dummy, Chdata dat) s->nbrbeg = nbrbeg; s->nbrend = nbrend; s->nmatches = nmatches; - s->origline = origline; + s->origline = dupstring(origline); s->origcs = origcs; s->origll = origll; s->status = dupstring(status); @@ -2786,7 +2786,7 @@ domenuselect(Hookdef dummy, Chdata dat) s->nbrbeg = nbrbeg; s->nbrend = nbrend; s->nmatches = nmatches; - s->origline = origline; + s->origline = dupstring(origline); s->origcs = origcs; s->origll = origll; s->status = dupstring(status);