To: vim-dev@vim.org Subject: patch 7.1.074 Fcc: outbox From: Bram Moolenaar Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit ------------ Patch 7.1.074 Problem: Crash when calling string() on a recurively nested List. Solution: Check result value for being NULL. (Yukihiro Nakadaira) Files: src/eval.c *** ../vim-7.1.073/src/eval.c Mon Aug 6 22:27:12 2007 --- src/eval.c Tue Aug 14 22:01:12 2007 *************** *** 6802,6808 **** * "numbuf" is used for a number. * Does not put quotes around strings, as ":echo" displays values. * When "copyID" is not NULL replace recursive lists and dicts with "...". ! * May return NULL; */ static char_u * echo_string(tv, tofree, numbuf, copyID) --- 6802,6808 ---- * "numbuf" is used for a number. * Does not put quotes around strings, as ":echo" displays values. * When "copyID" is not NULL replace recursive lists and dicts with "...". ! * May return NULL. */ static char_u * echo_string(tv, tofree, numbuf, copyID) *************** *** 6887,6893 **** * If the memory is allocated "tofree" is set to it, otherwise NULL. * "numbuf" is used for a number. * Puts quotes around strings, so that they can be parsed back by eval(). ! * May return NULL; */ static char_u * tv2string(tv, tofree, numbuf, copyID) --- 6887,6893 ---- * If the memory is allocated "tofree" is set to it, otherwise NULL. * "numbuf" is used for a number. * Puts quotes around strings, so that they can be parsed back by eval(). ! * May return NULL. */ static char_u * tv2string(tv, tofree, numbuf, copyID) *************** *** 14974,14979 **** --- 14974,14983 ---- p1 = tv2string(&(*(listitem_T **)s1)->li_tv, &tofree1, numbuf1, 0); p2 = tv2string(&(*(listitem_T **)s2)->li_tv, &tofree2, numbuf2, 0); + if (p1 == NULL) + p1 = (char_u *)""; + if (p2 == NULL) + p2 = (char_u *)""; if (item_compare_ic) res = STRICMP(p1, p2); else *************** *** 15463,15469 **** rettv->v_type = VAR_STRING; rettv->vval.v_string = tv2string(&argvars[0], &tofree, numbuf, 0); ! if (tofree == NULL) rettv->vval.v_string = vim_strsave(rettv->vval.v_string); } --- 15467,15474 ---- rettv->v_type = VAR_STRING; rettv->vval.v_string = tv2string(&argvars[0], &tofree, numbuf, 0); ! /* Make a copy if we have a value but it's not in allocate memory. */ ! if (rettv->vval.v_string != NULL && tofree == NULL) rettv->vval.v_string = vim_strsave(rettv->vval.v_string); } *************** *** 20167,20172 **** --- 20174,20180 ---- char_u buf[MSG_BUF_LEN]; char_u numbuf2[NUMBUFLEN]; char_u *tofree; + char_u *s; msg_puts((char_u *)"("); for (i = 0; i < argcount; ++i) *************** *** 20177,20186 **** msg_outnum((long)argvars[i].vval.v_number); else { ! trunc_string(tv2string(&argvars[i], &tofree, ! numbuf2, 0), buf, MSG_BUF_CLEN); ! msg_puts(buf); ! vim_free(tofree); } } msg_puts((char_u *)")"); --- 20185,20197 ---- msg_outnum((long)argvars[i].vval.v_number); else { ! s = tv2string(&argvars[i], &tofree, numbuf2, 0); ! if (s != NULL) ! { ! trunc_string(s, buf, MSG_BUF_CLEN); ! msg_puts(buf); ! vim_free(tofree); ! } } } msg_puts((char_u *)")"); *************** *** 20258,20271 **** char_u buf[MSG_BUF_LEN]; char_u numbuf2[NUMBUFLEN]; char_u *tofree; /* The value may be very long. Skip the middle part, so that we * have some idea how it starts and ends. smsg() would always * truncate it at the end. */ ! trunc_string(tv2string(fc.rettv, &tofree, numbuf2, 0), ! buf, MSG_BUF_CLEN); ! smsg((char_u *)_("%s returning %s"), sourcing_name, buf); ! vim_free(tofree); } msg_puts((char_u *)"\n"); /* don't overwrite this either */ --- 20269,20286 ---- char_u buf[MSG_BUF_LEN]; char_u numbuf2[NUMBUFLEN]; char_u *tofree; + char_u *s; /* The value may be very long. Skip the middle part, so that we * have some idea how it starts and ends. smsg() would always * truncate it at the end. */ ! s = tv2string(fc.rettv, &tofree, numbuf2, 0); ! if (s != NULL) ! { ! trunc_string(s, buf, MSG_BUF_CLEN); ! smsg((char_u *)_("%s returning %s"), sourcing_name, buf); ! vim_free(tofree); ! } } msg_puts((char_u *)"\n"); /* don't overwrite this either */ *** ../vim-7.1.073/src/version.c Tue Aug 14 22:15:53 2007 --- src/version.c Tue Aug 14 22:27:24 2007 *************** *** 668,669 **** --- 668,671 ---- { /* Add new patch number below this line */ + /**/ + 74, /**/ -- hundred-and-one symptoms of being an internet addict: 159. You get excited whenever discussing your hard drive. /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ \\\ download, build and distribute -- http://www.A-A-P.org /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///