From: Roman Perepelitsa <roman.perepelitsa@gmail.com>
To: Zsh hackers list <zsh-workers@zsh.org>
Subject: PATCH: fix a memory leak and potential heap corruption when rotating lines
Date: Mon, 28 Oct 2019 12:29:23 +0100 [thread overview]
Message-ID: <CAN=4vMou-FFjD5J0kxs6OLZq-GkUGztOUY-sOt3kL2uXQ_0n2Q@mail.gmail.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 496 bytes --]
I've bumped into this code accidentally while trying to do something
unrelated. It looks wrong to me although there is a good chance I'm
misreading it. I'm attaching a patch that either fixes two bugs,
introduces two new bugs, or does something in between. I'll appreciate
if someone more experienced can take a look at it.
All test pass with this patch and my zsh seems to work fine. I haven't
verified that this code actually runs either during testing or when
I'm using zsh normally.
Roman.
[-- Attachment #2: fix-rotate-lines.patch.txt --]
[-- Type: text/plain, Size: 793 bytes --]
diff --git a/Src/Zle/zle_refresh.c b/Src/Zle/zle_refresh.c
index 7cc338ab1..85e55e0d4 100644
--- a/Src/Zle/zle_refresh.c
+++ b/Src/Zle/zle_refresh.c
@@ -1652,7 +1652,7 @@ zrefresh(void)
zfree(obuf[iln], (winw + 2) * sizeof(**obuf));
for (t0 = iln; t0 != olnct; t0++)
obuf[t0] = obuf[t0 + 1];
- obuf[olnct--] = NULL;
+ obuf[--olnct] = NULL;
}
/* don't try to insert a line if olnct = vmaxln (vmaxln is the number
of lines that have been displayed by this routine) so that we don't
@@ -1662,7 +1662,6 @@ zrefresh(void)
obuf[iln] && !ZR_strncmp(obuf[iln], nbuf[iln + 1], 16)) {
moveto(iln, 0);
tcout(TCINSLINE);
- zfree(obuf[olnct], (winw + 2) * sizeof(**obuf));
for (t0 = olnct; t0 != iln; t0--)
obuf[t0] = obuf[t0 - 1];
obuf[iln] = NULL;
next reply other threads:[~2019-10-28 11:30 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-28 11:29 Roman Perepelitsa [this message]
2019-10-28 11:50 ` Mikael Magnusson
2019-10-28 12:04 ` Roman Perepelitsa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAN=4vMou-FFjD5J0kxs6OLZq-GkUGztOUY-sOt3kL2uXQ_0n2Q@mail.gmail.com' \
--to=roman.perepelitsa@gmail.com \
--cc=zsh-workers@zsh.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/zsh/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).