Resizing: fix leaks, use-after-free.

author: Kaz Kylheku <kaz@kylheku.com> 2022-05-09 07:14:29 -0700
committer: Kaz Kylheku <kaz@kylheku.com> 2022-05-09 07:14:29 -0700
commit: 4dc7fe9854ca533ea4de84221061fb857b6e0dd4 (patch)
tree: bb55b45ef72b3a201a9894ac3f59c3052bdf6b26
parent: a5381325f76e2d817ee44819cf2c64a3123a21fc (diff)
download: pw-4dc7fe9854ca533ea4de84221061fb857b6e0dd4.tar.gz
pw-4dc7fe9854ca533ea4de84221061fb857b6e0dd4.tar.bz2
pw-4dc7fe9854ca533ea4de84221061fb857b6e0dd4.zip
1 files changed, 15 insertions, 14 deletions
diff --git a/pw.c b/pw.c
index bf27dad..1c77191 100644
--- a/pw.c
+++ b/pw.c
@@ -1413,27 +1413,26 @@ int main(int argc, char **argv)
     if (winch) {
       winch = 0;
       if (ioctl(ttyfd, TIOCGWINSZ, &ws) == 0) {
+        int oldmax = pw.maxlines;
+        if (maxed || pw.maxlines >= ws.ws_row - 1) {
+          maxed = 1;
+          pw.maxlines = ws.ws_row - 1;
+        }
         if (maxed) {
           pw.hist = 0;
-          pw.circbuf = resizebuf(pw.circbuf, pw.maxlines, ws.ws_row - 1);
-          snapshot[0] = resizebuf(snapshot[0], pw.maxlines, ws.ws_row - 1);
+          pw.circbuf = resizebuf(pw.circbuf, oldmax, pw.maxlines);
+          snapshot[0] = resizebuf(snapshot[0], oldmax, pw.maxlines);
+          if (pw.nlines > pw.maxlines)
+            pw.nlines = pw.maxlines;
+          if (snaplines[0] > pw.maxlines)
+            snaplines[0] = pw.maxlines;
           for (int i = 1; i < snhistsize; i++) {
             freebuf(snapshot[i], snaplines[i]);
             free(snapshot[i]);
             snapshot[i] = 0;
           }
-        } else {
-          if (pw.maxlines >= ws.ws_row) {
-            pw.maxlines = ws.ws_row - 1;
-            maxed = 1;
-          }
         }
 
-        if (pw.nlines > pw.maxlines)
-          pw.nlines = pw.maxlines;
-        if (snaplines[0] > pw.maxlines)
-          snaplines[0] = pw.maxlines;
-
         pw.columns = ws.ws_col;
 
         clipsplits(&pw);
@@ -1663,6 +1662,7 @@ int main(int argc, char **argv)
               break;
             } else {
               int count = (cmdcount == INT_MAX) ? 1 : cmdcount;
+              int oldmax = pw.maxlines;
 
               pw.maxlines += count;
 
@@ -1671,8 +1671,9 @@ int main(int argc, char **argv)
                 pw.maxlines = ws.ws_row - 1;
               }
 
-              pw.circbuf = resizebuf(pw.circbuf, pw.maxlines, pw.maxlines + 1);
-              snapshot[0] = resizebuf(snapshot[0], pw.maxlines, pw.maxlines + 1);
+              pw.circbuf = resizebuf(pw.circbuf, oldmax, pw.maxlines);
+              snapshot[0] = resizebuf(snapshot[0], oldmax, pw.maxlines);
+
               for (int i = 1; i < snhistsize; i++) {
                 freebuf(snapshot[i], snaplines[i]);
                 free(snapshot[i]);
author	Kaz Kylheku <kaz@kylheku.com>	2022-05-09 07:14:29 -0700
committer	Kaz Kylheku <kaz@kylheku.com>	2022-05-09 07:14:29 -0700
commit	4dc7fe9854ca533ea4de84221061fb857b6e0dd4 (patch)
tree	bb55b45ef72b3a201a9894ac3f59c3052bdf6b26
parent	a5381325f76e2d817ee44819cf2c64a3123a21fc (diff)
download	pw-4dc7fe9854ca533ea4de84221061fb857b6e0dd4.tar.gz pw-4dc7fe9854ca533ea4de84221061fb857b6e0dd4.tar.bz2 pw-4dc7fe9854ca533ea4de84221061fb857b6e0dd4.zip