
NULL ptr crash when inputting enough chars to wrap line when window can scroll horizontally #721

@SkyLined


Steps to reproduce

  1. Configure cmd.exe to run in Windows Console Host

  2. Run cmd.exe

  3. Make sure the window can scroll horizontally:

    1. Click the icon in the console window title bar
    2. Select Properties
    3. Under Screen Buffer Size for Width enter 110
    4. Under Window Size for Width enter 100

    (The buffer size needs to be larger than the window size)

  4. Type characters (e.g. "AAAAAA...") until the end of the window so it scrolls horizontally.

  5. Continue to type characters (e.g. "AAAAAA...") until the end of the line so the line wraps.

  6. Observe clink crashing because of a NULL ptr in tputs.

Basic analysis

I am not familiar with the code, so this may be wrong.

  • tputs is called with s == NULL.

  • tputs is called by _rl_clear_to_eol where _rl_term_clreol == NULL.
    (There is an assert to detect this but that's not in the release version and would also have caused a crash.)

  • _rl_clear_to_eol is called from display_manager::display, which at the very start creates a preserve_window_scroll_position object that sets _rl_term_clreol to nullptr.
    Once the preserve_window_scroll_position is deleted, the _rl_term_clreol value will be reset to its original value. However, the code does not delete the object before calling _rl_clear_to_eol.

Other possible issues

It appears there are other locations in the code where a preserve_window_scroll_position object is created and _rl_clear_to_eol is called before the object is destroyed, which would cause similar issues.
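
The pattern described in the analysis above, reduced to a stand-alone sketch: an RAII guard nulls a global capability string for its lifetime, and a clear-to-end-of-line routine is called while the guard is still alive. This is an added example, not part of the original report and not clink or Readline code; every name in it (`g_term_clreol`, `put_string`, `scoped_disable_clreol`, `clear_to_eol_unchecked`, `clear_to_eol_checked`, `display_with_guard`) is hypothetical, and the space-overwrite fallback is an assumption.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <string>

// Hypothetical stand-ins for the names in the report; not clink or Readline code.
static const char* g_term_clreol = "\x1b[K";  // plays the role of _rl_term_clreol
static std::string g_out;                      // captures what would reach the terminal

// Plays the role of tputs: dereferences s unconditionally.
static void put_string(const char* s) { g_out.append(s, std::strlen(s)); }

// RAII guard: nulls the capability for its lifetime, restores it on destruction.
struct scoped_disable_clreol {
    const char* saved;
    scoped_disable_clreol() : saved(g_term_clreol) { g_term_clreol = nullptr; }
    ~scoped_disable_clreol() { g_term_clreol = saved; }
};

// Unchecked form: correct outside the guard, NULL dereference inside it.
static void clear_to_eol_unchecked() { put_string(g_term_clreol); }

// Checked form: if the capability is unavailable, overwrite with spaces
// (assumed fallback) instead of passing NULL on. Returns bytes emitted.
static std::size_t clear_to_eol_checked(std::size_t count) {
    const std::size_t before = g_out.size();
    if (g_term_clreol)
        put_string(g_term_clreol);
    else
        g_out.append(count, ' ');
    return g_out.size() - before;
}

// Same call order as in the report: guard created first, clear requested
// while the guard is still alive.
static std::size_t display_with_guard(std::size_t cols_to_clear) {
    scoped_disable_clreol guard;
    return clear_to_eol_checked(cols_to_clear);
}

int main() {
    clear_to_eol_unchecked();  // safe here: no guard is alive
    std::printf("inside guard: %zu bytes\n", display_with_guard(5));
    std::printf("after guard:  %zu bytes\n", clear_to_eol_checked(5));
    return 0;
}
```

Calling `clear_to_eol_unchecked` from inside `display_with_guard` would reproduce the crash class the report describes; the checked form stays valid at every call site regardless of guard lifetime.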


Labels: bug (Something isn't working)
