When a syntax highlighting description file calls a whole file as a subroutine, cmd->call_subr is NULL. However, link_syntax calls vsfmt with cmd->call_subr as an argument, corresponding to a %s in the format string. vsfmt calls zlen, which calls strlen, which dereferences the pointer causing a segfault.
I made two changes. One detects when an argument to vsfmt, corresponding to a %s, is NULL, and prints "(null)" instead of crashing. The other checks whether cmd->call_subr is NULL and passes an empty string to vsfmt instead of cmd->call_subr if so.
The patch was made against the current cvs HEAD (2007-07-25).
Log in to post a comment.