To: vim_dev@googlegroups.com Subject: Patch 9.0.0164 Fcc: outbox From: Bram Moolenaar Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ------------ Patch 9.0.0164 Problem: Using freed memory with put command. Solution: Get byte offset before replacing the line. Files: src/register.c *** ../vim-9.0.0163/src/register.c 2022-08-07 14:55:09.543290953 +0100 --- src/register.c 2022-08-07 18:02:48.302005163 +0100 *************** *** 2099,2111 **** ptr += yanklen; } STRMOVE(ptr, oldp + col); - ml_replace(lnum, newp, FALSE); - - inserted_bytes(lnum, col, totlen); // compute the byte offset for the last character first_byte_off = mb_head_off(newp, ptr - 1); // Place cursor on last putted char. if (lnum == curwin->w_cursor.lnum) { --- 2099,2113 ---- ptr += yanklen; } STRMOVE(ptr, oldp + col); // compute the byte offset for the last character first_byte_off = mb_head_off(newp, ptr - 1); + // Note: this may free "newp" + ml_replace(lnum, newp, FALSE); + + inserted_bytes(lnum, col, totlen); + // Place cursor on last putted char. if (lnum == curwin->w_cursor.lnum) { *** ../vim-9.0.0163/src/version.c 2022-08-07 14:55:09.547290962 +0100 --- src/version.c 2022-08-07 18:08:42.645941350 +0100 *************** *** 737,738 **** --- 737,740 ---- { /* Add new patch number below this line */ + /**/ + 164, /**/ -- hundred-and-one symptoms of being an internet addict: 269. You wonder how you can make your dustbin produce Sesame Street's Oscar's the Garbage Monster song when you empty it. /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// \\\ \\\ sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///