From 6f3e075b3ad1e6cd5b3268fce65c768340b00a5b Mon Sep 17 00:00:00 2001
From: "Andrew J. Schorr"
Date: Sat, 25 Nov 2017 13:33:00 -0500
Subject: Fix potential field corruption when $0 is set from the debugger.
---
 ChangeLog | 6 ++++++
 debug.c | 5 +++--
 2 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 3ab99ab4..3255d8e8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2017-11-25 Andrew J. Schorr
+
+ * debug.c (do_set_var): As in interpret.h (Op_store_field), we should
+ call the assign function before unref to give it a chance to copy
+ any non-malloced $n string values before freeing $0.
+
 2017-11-14 Andrew J. Schorr
 
 * mpfr.c (get_rnd_mode): Fix MPFR_RNDA comment.
diff --git a/debug.c b/debug.c
index 9a022669..3e76ae61 100644
--- a/debug.c
+++ b/debug.c
@@ -1299,10 +1299,11 @@ do_set_var(CMDARG *arg, int cmd ATTRIBUTE_UNUSED)
 arg = arg->next;
 val = arg->a_node;
 lhs = get_field(field_num, &assign);
- unref(*lhs);
- *lhs = dupnode(val);
 if (assign)
+ /* call assign to copy fields before unref frees $0 */
 assign();
+ unref(*lhs);
+ *lhs = dupnode(val);
 print_field(field_num);
 }
 break;
-- cgit v1.2.3
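Review bot: In the debug.c hunk the new comment sits between the unbraced `if (assign)` and its only statement, so a later edit can easily detach `assign();` from the condition or move `unref(*lhs);` back above it, which would bring back the read of freed $0 storage that this commit fixes. I would move the comment above the condition and brace the body: `/* assign() must run before unref(*lhs): it copies $n values that still point into the $0 buffer */` followed by `if (assign) { assign(); }`. The ChangeLog entry says the ordering mirrors Op_store_field in interpret.h, so naming that site in the comment would help keep the two in step. do_set_var begins and continues outside this hunk, so anything else that touches `lhs` is not visible here.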