sed: fix double-free in FEATURE_CLEAN_UP code

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

diff --git a/editors/sed.c b/editors/sed.c
index 47022085949ab0c0520a3791025f39c15725b2b0..1054c1302399d75284f0bb8f72bfc7a877865574 100644 (file)
--- a/editors/sed.c
+++ b/editors/sed.c
@@ -180,18 +180,23 @@ static void sed_free_and_close_stuff(void)
                if (sed_cmd->sw_file)
                        fclose(sed_cmd->sw_file);
 
-               if (sed_cmd->beg_match) {
-                       regfree(sed_cmd->beg_match);
-                       free(sed_cmd->beg_match);
-               }
-               if (sed_cmd->end_match) {
-                       regfree(sed_cmd->end_match);
-                       free(sed_cmd->end_match);
-               }
-               if (sed_cmd->sub_match) {
-                       regfree(sed_cmd->sub_match);
-                       free(sed_cmd->sub_match);
-               }
+               /* Used to free regexps, but now there is code
+                * in get_address() which can reuse a regexp
+                * for constructs as /regexp/cmd1;//cmd2
+                * leading to double-frees here:
+                */
+               //if (sed_cmd->beg_match) {
+               //      regfree(sed_cmd->beg_match);
+               //      free(sed_cmd->beg_match);
+               //}
+               //if (sed_cmd->end_match) {
+               //      regfree(sed_cmd->end_match);
+               //      free(sed_cmd->end_match);
+               //}
+               //if (sed_cmd->sub_match) {
+               //      regfree(sed_cmd->sub_match);
+               //      free(sed_cmd->sub_match);
+               //}
                free(sed_cmd->string);
                free(sed_cmd);
                sed_cmd = sed_cmd_next;