Changeset c3a47c9


Ignore:
Timestamp:
Jan 30, 2010, 9:26:54 PM (14 years ago)
Author:
Anders Kaseorg <andersk@mit.edu>
Branches:
master, release-1.10, release-1.6, release-1.7, release-1.8, release-1.9
Children:
9a023d0
Parents:
fde6d80
git-author:
Anders Kaseorg <andersk@mit.edu> (01/25/10 21:56:47)
git-committer:
Anders Kaseorg <andersk@mit.edu> (01/30/10 21:26:54)
Message:
Move cachedmsgid from owl_filter to owl_view.

This fixes a use-after-free bug: owl_function_create_filter sets
inuse=1, removes the current filter (hence freeing it), then calls
owl_function_change_currentview_filter → owl_view_save_curmsgid →
owl_filter_set_cachedmsgid, which writes to the filter that was just
freed.

This means that you can no longer keep two independent positions in
two different filters by repeatedly switching between filter1 → empty
→ filter2 → empty → filter1.  But I doubt anyone even knew that was
possible before.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Reviewed-by: Nelson Elhage <nelhage@mit.edu>
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • filter.c

    r3cc4bfc rc3a47c9  
    2424  f->fgcolor=OWL_COLOR_DEFAULT;
    2525  f->bgcolor=OWL_COLOR_DEFAULT;
    26   f->cachedmsgid=-1;
    2726
    2827  /* first take arguments that have to come first */
     
    189188}
    190189
    191 void owl_filter_set_cachedmsgid(owl_filter *f, int cachedmsgid)
    192 {
    193   f->cachedmsgid=cachedmsgid;
    194 }
    195 
    196 int owl_filter_get_cachedmsgid(const owl_filter *f)
    197 {
    198   return(f->cachedmsgid);
    199 }
    200 
    201190/* return 1 if the message matches the given filter, otherwise
    202191 * return 0.

  • owl.h

    ra999d9e rc3a47c9  
    426426  int fgcolor;
    427427  int bgcolor;
    428   int cachedmsgid;  /* cached msgid: should move into view eventually */
    429428} owl_filter;
    430429
     
    434433  owl_messagelist ml;
    435434  const owl_style *style;
     435  int cachedmsgid;
    436436} owl_view;
    437437

  • view.c

    r9e5c9f3 rc3a47c9  
    126126  int cachedid;
    127127
    128   cachedid=owl_filter_get_cachedmsgid(v->filter);
     128  cachedid = v->cachedmsgid;
    129129  if (cachedid<0) return(0);
    130130  return (owl_view_get_nearest_to_msgid(v, cachedid));
    131131}
    132132
    133 /* saves the current message position in the filter so it can
    134  * be restored later if we switch back to this filter. */
    135133void owl_view_save_curmsgid(owl_view *v, int curid)
    136134{
    137   owl_filter_set_cachedmsgid(v->filter, curid);
     135  v->cachedmsgid = curid;
    138136}
    139137
Note: See TracChangeset for help on using the changeset viewer.