To: vim_dev@googlegroups.com Subject: Patch 8.0.0942 Fcc: outbox From: Bram Moolenaar Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ------------ Patch 8.0.0942 Problem: Using freed memory with ":terminal" if an autocommand changes 'shell' when splitting the window. (Marius Gedminas) Solution: Make a copy of 'shell'. (closes #1974) Files: src/terminal.c *** ../vim-8.0.0941/src/terminal.c 2017-08-13 22:14:13.012428848 +0200 --- src/terminal.c 2017-08-14 22:55:57.212668497 +0200 *************** *** 392,398 **** setup_job_options(opt, term->tl_rows, term->tl_cols); /* System dependent: setup the vterm and start the job in it. */ ! if (term_and_job_init(term, term->tl_rows, term->tl_cols, argvar, opt) == OK) { /* Get and remember the size we ended up with. Update the pty. */ vterm_get_size(term->tl_vterm, &term->tl_rows, &term->tl_cols); --- 392,399 ---- setup_job_options(opt, term->tl_rows, term->tl_cols); /* System dependent: setup the vterm and start the job in it. */ ! if (term_and_job_init(term, term->tl_rows, term->tl_cols, argvar, opt) ! == OK) { /* Get and remember the size we ended up with. Update the pty. */ vterm_get_size(term->tl_vterm, &term->tl_rows, &term->tl_cols); *************** *** 434,439 **** --- 435,441 ---- typval_T argvar; jobopt_T opt; char_u *cmd; + char_u *tofree = NULL; init_job_options(&opt); *************** *** 462,468 **** cmd = skipwhite(p); } if (cmd == NULL || *cmd == NUL) ! cmd = p_sh; if (eap->addr_count == 2) { --- 464,471 ---- cmd = skipwhite(p); } if (cmd == NULL || *cmd == NUL) ! /* Make a copy, an autocommand may set 'shell'. */ ! tofree = cmd = vim_strsave(p_sh); if (eap->addr_count == 2) { *************** *** 480,485 **** --- 483,489 ---- argvar.v_type = VAR_STRING; argvar.vval.v_string = cmd; term_start(&argvar, &opt, eap->forceit); + vim_free(tofree); } /* *** ../vim-8.0.0941/src/version.c 2017-08-14 22:35:04.680303024 +0200 --- src/version.c 2017-08-14 22:55:23.832871404 +0200 *************** *** 771,772 **** --- 771,774 ---- { /* Add new patch number below this line */ + /**/ + 942, /**/ -- FATAL ERROR! SYSTEM HALTED! - Press any key to continue doing nothing. /// Bram Moolenaar -- Bram@Moolenaar.net -- http://www.Moolenaar.net \\\ /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ \\\ an exciting new programming language -- http://www.Zimbu.org /// \\\ help me help AIDS victims -- http://ICCF-Holland.org ///