From 2204d14c86f17f13ad1f23e62af80bff406425cb Mon Sep 17 00:00:00 2001
From: Brand Huntsman
Date: Wed, 27 Feb 2019 02:40:18 -0700
Subject: [PATCH 2/8] history: use an unfreed 'position_history' to avoid a possible crash

The reload_positions_if_needed() routine can free the existing 'position_history' and allocate a new one. Using the old one, from before the reload, could lead to a crash.

This fixes https://savannah.gnu.org/bugs/?55792.

Reported-by: Enrico Mioso

Bug existed since the reloading of the position-history file was introduced, a year and a half ago, in commit bfc53f30.

Signed-off-by: Brand Huntsman
---
 src/history.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/history.c b/src/history.c
index b3530837..ca0b2d49 100644
--- a/src/history.c
+++ b/src/history.c
@@ -593,7 +593,7 @@ void update_poshistory(char *filename, ssize_t lineno, ssize_t xpos)
  * set line and column to the retrieved values. */
 bool has_old_position(const char *file, ssize_t *line, ssize_t *column)
 {
- poshiststruct *posptr = position_history;
+ poshiststruct *posptr;
 char *fullpath = get_full_path(file);
 
 if (fullpath == NULL)
@@ -601,6 +601,7 @@ bool has_old_position(const char *file, ssize_t *line, ssize_t *column)
 
 reload_positions_if_needed();
 
+ posptr = position_history;
 while (posptr != NULL && strcmp(posptr->filename, fullpath) != 0)
 posptr = posptr->next;
 
-- 
2.20.1
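Review bot: Nothing in the new code marks why the list head is read only after the reload, so a later tidy-up could hoist `posptr = position_history;` back into the declaration and silently reintroduce the use-after-free this commit fixes; a one-line comment above the added assignment in the second hunk, `/* Take the list head only after reload_positions_if_needed() may have freed and rebuilt it. */`, would pin the ordering. The same hazard presumably applies to any other caller that holds a pointer into position_history across reload_positions_if_needed(), so that routine's header comment should state that it may free and replace the list. has_old_position's body continues past the hunk, so the handling of fullpath after the loop is not visible here.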