Changeset 7d6a751


Ignore:
Timestamp:
Mar 1, 2010, 8:33:47 PM (14 years ago)
Author:
Nelson Elhage <nelhage@mit.edu>
Branches:
release-1.5
Children:
b22170c
Parents:
7fd450f
git-author:
Anders Kaseorg <andersk@mit.edu> (01/25/10 21:56:47)
git-committer:
Nelson Elhage <nelhage@mit.edu> (03/01/10 20:33:47)
Message:
Move cachedmsgid from owl_filter to owl_view.

This fixes a use-after-free bug: owl_function_create_filter sets
inuse=1, removes the current filter (hence freeing it), then calls
owl_function_change_currentview_filter → owl_view_save_curmsgid →
owl_filter_set_cachedmsgid, which writes to the filter that was just
freed.

This means that you can no longer keep two independent positions in
two different filters by repeatedly switching between filter1 → empty
→ filter2 → empty → filter1.  But I doubt anyone even knew that was
possible before.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Reviewed-by: Nelson Elhage <nelhage@mit.edu>
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • filter.c

    r3cc4bfc r7d6a751  
    2424  f->fgcolor=OWL_COLOR_DEFAULT;
    2525  f->bgcolor=OWL_COLOR_DEFAULT;
    26   f->cachedmsgid=-1;
    2726
    2827  /* first take arguments that have to come first */
     
    189188}
    190189
    191 void owl_filter_set_cachedmsgid(owl_filter *f, int cachedmsgid)
    192 {
    193   f->cachedmsgid=cachedmsgid;
    194 }
    195 
    196 int owl_filter_get_cachedmsgid(const owl_filter *f)
    197 {
    198   return(f->cachedmsgid);
    199 }
    200 
    201190/* return 1 if the message matches the given filter, otherwise
    202191 * return 0.

  • owl.h

    rb752f1e r7d6a751  
    425425  int fgcolor;
    426426  int bgcolor;
    427   int cachedmsgid;  /* cached msgid: should move into view eventually */
    428427} owl_filter;
    429428
     
    433432  owl_messagelist ml;
    434433  const owl_style *style;
     434  int cachedmsgid;
    435435} owl_view;
    436436

  • view.c

    r9e5c9f3 r7d6a751  
    126126  int cachedid;
    127127
    128   cachedid=owl_filter_get_cachedmsgid(v->filter);
     128  cachedid = v->cachedmsgid;
    129129  if (cachedid<0) return(0);
    130130  return (owl_view_get_nearest_to_msgid(v, cachedid));
    131131}
    132132
    133 /* saves the current message position in the filter so it can
    134  * be restored later if we switch back to this filter. */
    135133void owl_view_save_curmsgid(owl_view *v, int curid)
    136134{
    137   owl_filter_set_cachedmsgid(v->filter, curid);
     135  v->cachedmsgid = curid;
    138136}
    139137
Note: See TracChangeset for help on using the changeset viewer.