From c101abff4c6756db4f5e740fde289decb9452efa Mon Sep 17 00:00:00 2001 From: Bram Moolenaar Date: Sun, 26 Jun 2022 16:53:34 +0100 Subject: [PATCH] patch 8.2.5164: invalid memory access after diff buffer manipulations Problem: Invalid memory access after diff buffer manipulations. Solution: Use zero offset when change removes all lines in a diff block. --- src/diff.c | 4 ++-- src/testdir/test_diffmode.vim | 12 ++++++++++++ src/version.c | 2 ++ 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/src/diff.c b/src/diff.c index eddf33165628d..91e5ae2f2f689 100644 --- a/src/diff.c +++ b/src/diff.c @@ -403,9 +403,9 @@ diff_mark_adjust_tp( // 2. 3. 4. 5.: inserted/deleted lines touching this diff. if (deleted > 0) { + off = 0; if (dp->df_lnum[idx] >= line1) { - off = dp->df_lnum[idx] - lnum_deleted; if (last <= line2) { // 4. delete all lines of diff @@ -426,6 +426,7 @@ diff_mark_adjust_tp( else { // 5. delete lines at or just before top of diff + off = dp->df_lnum[idx] - lnum_deleted; n = off; dp->df_count[idx] -= line2 - dp->df_lnum[idx] + 1; check_unchanged = TRUE; @@ -434,7 +435,6 @@ diff_mark_adjust_tp( } else { - off = 0; if (last < line2) { // 2. delete at end of diff diff --git a/src/testdir/test_diffmode.vim b/src/testdir/test_diffmode.vim index afa8f891be553..4c7aff5ccb6e3 100644 --- a/src/testdir/test_diffmode.vim +++ b/src/testdir/test_diffmode.vim @@ -1615,5 +1615,17 @@ func Test_diff_only() %bwipe! endfunc +" This was causing invalid diff block values +" FIXME: somehow this causes a valgrind error when run directly but not when +" run as a test. +func Test_diff_manipulations() + set diff + split 0 + sil! norm R doobdeuR doobdeuR doobdeu + + set nodiff + %bwipe! +endfunc + " vim: shiftwidth=2 sts=2 expandtab diff --git a/src/version.c b/src/version.c index c847d590527cc..d7f0a83f3e42e 100644 --- a/src/version.c +++ b/src/version.c @@ -735,6 +735,8 @@ static char *(features[]) = static int included_patches[] = { /* Add new patch number below this line */ +/**/ + 5164, /**/ 5163, /**/