patch 9.1.1476: missing out-of-memory checks in cmdexpand.c

Problem:  missing out-of-memory checks in cmdexpand.c
Solution: add missing out-of-memory checks, re-order code
          (John Marriott)

This commit does the following:
- in cmdline_pum_create() add out-of-memory check call of ALLOC_MULT()
- in expand_cmdline() move check for out-of-memory to cover both
  assignments of file_str
- in nextwild() don't free `p2` until after it's last use.

closes: #17592

Signed-off-by: John Marriott <basilisk@internode.on.net>
Signed-off-by: Christian Brabandt <cb@256bit.org>

diff --git a/src/cmdexpand.c b/src/cmdexpand.c
index a6d8c8539b1d42ebff5c1c0969e7ed0859618dcb..4077fb341626f08beb8899d95bcda2b2cf793237 100644 (file)
--- a/src/cmdexpand.c
+++ b/src/cmdexpand.c
@@ -335,7 +335,6 @@ nextwild(
            ccline->cmdpos += difflen;
        }
     }
-    vim_free(p2);
 
     redrawcmd();
     cursorcmd();
@@ -351,6 +350,8 @@ nextwild(
        // free expanded pattern
        (void)ExpandOne(xp, NULL, NULL, 0, WILD_FREE);
 
+    vim_free(p2);
+
     return OK;
 }
 
@@ -370,8 +371,11 @@ cmdline_pum_create(
     int                columns;
 
     // Add all the completion matches
+    compl_match_array = ALLOC_MULT(pumitem_T, numMatches);
+    if (compl_match_array == NULL)
+       return EXPAND_UNSUCCESSFUL;
+
     compl_match_arraysize = numMatches;
-    compl_match_array = ALLOC_MULT(pumitem_T, compl_match_arraysize);
     for (i = 0; i < numMatches; i++)
     {
        compl_match_array[i].pum_text = SHOW_MATCH(i);
@@ -2884,11 +2888,9 @@ expand_cmdline(
        // If fuzzy matching, don't modify the search string
        file_str = vim_strsave(xp->xp_pattern);
     else
-    {
        file_str = addstar(xp->xp_pattern, xp->xp_pattern_len, xp->xp_context);
-       if (file_str == NULL)
-           return EXPAND_UNSUCCESSFUL;
-    }
+    if (file_str == NULL)
+       return EXPAND_UNSUCCESSFUL;
 
     if (p_wic)
        options += WILD_ICASE;

diff --git a/src/version.c b/src/version.c
index f8dc4084b6b186c58ad51322471d23d1a906c58c..df89e19d6c3e379c5d3dbf26a285fde0f95536c5 100644 (file)
--- a/src/version.c
+++ b/src/version.c
@@ -709,6 +709,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    1476,
 /**/
     1475,
 /**/