- From:
- Mark Jamsek <mark@jamsek.com>
- Subject:
- Re: tog blame: fix a double-free
- To:
- Josiah Frentsos <jfrent@tilde.team>
- Cc:
- gameoftrees@openbsd.org
- Date:
- Sat, 15 Jul 2023 13:01:00 +1000
Download raw body.
Thread
tog blame: fix a double-free
Download raw body.
tog blame: fix a double-free
Josiah Frentsos <jfrent@tilde.team> wrote:
> * tog blame gnu/usr.bin/Makefile.inc
> * Press RET when it finishes annotating.
> * Press C-c while it's diffing.
>
> It happens because open_diff_view() also calls view_close() on error.
Thanks, Josiah! I could reproduce your case.
Your patch fixes it, and has now been committed.
> diff 1494a06e4ce25cf1beafa90b6b1f98bdebf9e7e2 18d31f841e8a68f2cede608c1a5741286785bfb3
> commit - 1494a06e4ce25cf1beafa90b6b1f98bdebf9e7e2
> commit + 18d31f841e8a68f2cede608c1a5741286785bfb3
> blob - f94aa18a4e4ab0a9b2df4a58ff12917a90b189c3
> blob + 7bb059ecfaa26dc3c7b8d9f630f63c581d525b9b
> --- tog/tog.c
> +++ tog/tog.c
> @@ -6956,10 +6956,8 @@ input_blame_view(struct tog_view **new_view, struct to
> err = open_diff_view(diff_view, pid ? &pid->id : NULL,
> id, NULL, NULL, 3, 0, 0, view, s->repo);
> got_object_commit_close(commit);
> - if (err) {
> - view_close(diff_view);
> + if (err)
> break;
> - }
> s->last_diffed_line = s->first_displayed_line - 1 +
> s->selected_line;
> if (*new_view)
--
Mark Jamsek <https://bsdbox.org>
GPG: F2FF 13DE 6A06 C471 CA80 E6E2 2930 DC66 86EE CF68
tog blame: fix a double-free