fix(api): fix crash in command preview with % #35228

Problem: parse_cmdline() sets eap->cmdlinep to address of local parameter, causing invalid memory access when expand_filename() tries to modify it. This leads to crashes when typing '%' in user commands with preview=true and complete=file. Solution: Change parse_cmdline() signature to accept char **cmdline, allowing cmdlinep to point to caller's variable for safe reallocation.
2025-10-13 21:36:05 +00:00 · 2025-08-13 04:43:56 +08:00
parent 3eab5bd38a
commit c7c3f9fc9c
4 changed files with 25 additions and 6 deletions
--- a/src/nvim/ex_getln.c
+++ b/src/nvim/ex_getln.c
@@ -2678,7 +2678,7 @@ static bool cmdpreview_may_show(CommandLineState *s)
  char *cmdline = xstrdup(ccline.cmdbuff);
  const char *errormsg = NULL;
  emsg_off++;  // Block errors when parsing the command line, and don't update v:errmsg
-  if (!parse_cmdline(cmdline, &ea, &cmdinfo, &errormsg)) {
+  if (!parse_cmdline(&cmdline, &ea, &cmdinfo, &errormsg)) {
    emsg_off--;
    goto end;
  }