From d7085a06358c22250a27186bb7d52112ed4addd1 Mon Sep 17 00:00:00 2001 From: Gianmaria Bajo Date: Thu, 31 Aug 2023 18:15:26 +0200 Subject: [PATCH] patch 9.0.1830: Vim9: crash when accessing a null object Problem: Vim9: crash when accessing a null object Solution: Check accessing a NULL object in def function An object is NULL when the variable is declared, but the constructor isn't called. Accessing/setting a member on the object crashed Vim. Note: this happens inside def functions, at script level things work differently. Accessing a NULL object member results in E1360 (correctly), while setting a value on it results in E1012 (type mismatch) so there's still something to fix. closes: #12973 Signed-off-by: Christian Brabandt Co-authored-by: Gianmaria Bajo
---
 src/testdir/test_vim9_class.vim | 55 +++++++++++++++++++++++++++++++++ src/version.c | 2 ++ src/vim9execute.c | 9 +++++- 3 files changed, 65 insertions(+), 1 deletion(-)
diff --git a/src/testdir/test_vim9_class.vim b/src/testdir/test_vim9_class.vim
index 98db71d03f..c859ee4e95 100644
--- a/src/testdir/test_vim9_class.vim
+++ b/src/testdir/test_vim9_class.vim
@@ -1180,6 +1180,61 @@ def Test_class_member() END v9.CheckScriptFailure(lines, 'E1010:') + # Test for setting a member on a null object + lines =<< trim END + vim9script + class A + this.val: string + endclass + + def F() + var obj: A + obj.val = "" + enddef + F() + END + v9.CheckScriptFailure(lines, 'E1360: Using a null object') + + # Test for accessing a member on a null object + lines =<< trim END + vim9script + class A + this.val: string + endclass + + def F() + var obj: A + echo obj.val + enddef + F() + END + v9.CheckScriptFailure(lines, 'E1360: Using a null object') + + # Test for setting a member on a null object, at script level + lines =<< trim END + vim9script + class A + this.val: string + endclass + + var obj: A + obj.val = "" + END + # FIXME(in source): this should give E1360 as well! + v9.CheckScriptFailure(lines, 'E1012: Type mismatch; expected object but got string') + + # Test for accessing a member on a null object, at script level + lines =<< trim END + vim9script + class A + this.val: string + endclass + + var obj: A + echo obj.val + END + v9.CheckScriptFailure(lines, 'E1360: Using a null object') + # Test for no space before or after the '=' when initializing a member # variable lines =<< trim END diff --git a/src/version.c b/src/version.c index 634d655295..3aa10c6bed 100644 --- a/src/version.c +++ b/src/version.c @@ -699,6 +699,8 @@ static char *(features[]) = static int included_patches[] = { /* Add new patch number below this line */ +/**/ + 1830, /**/ 1829, /**/ diff --git a/src/vim9execute.c b/src/vim9execute.c index 2eb6ba4cae..b26934dc47 100644 --- a/src/vim9execute.c +++ b/src/vim9execute.c 
@@ -2147,7 +2147,14 @@ execute_storeindex(isn_T *iptr, ectx_T *ectx)
 // -1 dict, list, blob or object
 tv = STACK_TV_BOT(-3);
 SOURCING_LNUM = iptr->isn_lnum;
- if (dest_type == VAR_ANY)
+
+ // Make sure an object has been initialized
+ if (dest_type == VAR_OBJECT && tv_dest->vval.v_object == NULL)
+ {
+ emsg(_(e_using_null_object));
+ status = FAIL;
+ }
+ else if (dest_type == VAR_ANY)
 {
 dest_type = tv_dest->v_type;
 if (dest_type == VAR_DICT)
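Review bot: The null-object guard tests the compile-time `dest_type`, so it is skipped when the instruction carries `VAR_ANY`; in that branch `dest_type` is re-read from `tv_dest->v_type` just below, and a value that turns out to be an object with a NULL `v_object` would not be caught by the new check. Whether the object store further down can be reached that way is not visible here, since the body of execute_storeindex continues outside the hunk, but placing the test after the type has been resolved would cover both cases: `if (status == OK && dest_type == VAR_OBJECT && tv_dest->vval.v_object == NULL)`. The added tests only exercise a variable declared with its class type, so a case where the destination type is only known at run time would be worth adding.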