From 759aafa007c42dce044800863455ad6048ed0ba5 Mon Sep 17 00:00:00 2001
From: Ori Bernstein <ori@eigenstate.org>
Date: Fri, 25 Jun 2021 23:10:07 +0000
Subject: [PATCH] rc: skip arguments to Xsrcline, Xsrcfile in codefree

We weren't correctly skipping the location operators
in codefree. This would mostly be work, but sometimes
you'd get unlucky and have one of the argmuents mismatch,
and that would lead to an invalid free.

This correctly skips the args in codefree.
---
 sys/src/cmd/rc/code.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/sys/src/cmd/rc/code.c b/sys/src/cmd/rc/code.c
index 89cc43183..8e0142997 100644
--- a/sys/src/cmd/rc/code.c
+++ b/sys/src/cmd/rc/code.c
@@ -181,7 +181,7 @@ outcode(tree *t, int eflag)
 			emits(fnstr(c1));
 			if((f = curfile(runq)) != nil){
 				emitf(Xsrcfile);
-				emits(strdup(f));
+				emits(estrdup(f));
 			}
 			emitf(Xsrcline);
 			emiti(runq->lexline);
@@ -486,10 +486,11 @@ codefree(code *cp)
 		|| p->f==Xrdwr
 		|| p->f==Xasync || p->f==Xbackq || p->f==Xcase || p->f==Xfalse
 		|| p->f==Xfor || p->f==Xjump
+		|| p->f==Xsrcline
 		|| p->f==Xsubshell || p->f==Xtrue) p++;
 		else if(p->f==Xdup || p->f==Xpipefd) p+=2;
 		else if(p->f==Xpipe) p+=4;
-		else if(p->f==Xglobs) free(p[1].s), p+=2;
+		else if(p->f==Xglobs || p->f==Xsrcfile) free(p[1].s), p+=2;
 		else if(p->f==Xword || p->f==Xdelhere) free((++p)->s);
 		else if(p->f==Xfn){
 			free(p[2].s);