Fix potential field corruption when $0 is set from the debugger.

2 files changed, 9 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 3ab99ab4..3255d8e8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2017-11-25         Andrew J. Schorr      <aschorr@telemetry-investments.com>
+
+	* debug.c (do_set_var): As in interpret.h (Op_store_field), we should
+	call the assign function before unref to give it a chance to copy
+	any non-malloced $n string values before freeing $0.
+
 2017-11-14         Andrew J. Schorr      <aschorr@telemetry-investments.com>
 
 	* mpfr.c (get_rnd_mode): Fix MPFR_RNDA comment.
diff --git a/debug.c b/debug.c
index 9a022669..3e76ae61 100644
--- a/debug.c
+++ b/debug.c
@@ -1299,10 +1299,11 @@ do_set_var(CMDARG *arg, int cmd ATTRIBUTE_UNUSED)
 		arg = arg->next;
 		val = arg->a_node;
 		lhs = get_field(field_num, &assign);
-		unref(*lhs);
-		*lhs = dupnode(val);
 		if (assign)
+			/* call assign to copy fields before unref frees $0 */
 			assign();
+		unref(*lhs);
+		*lhs = dupnode(val);
 		print_field(field_num);
 	}
 		break;