Patchwork fix use after free

login
register
mail settings
Submitter Glauber Costa
Date Sept. 25, 2009, 12:30 p.m.
Message ID <1253881857-4256-1-git-send-email-glommer@redhat.com>
Download mbox | patch
Permalink /patch/34270/
State Superseded
Headers show

Comments

Glauber Costa - Sept. 25, 2009, 12:30 p.m.
We are using the vs structure when it was just freed. Classic use after free,
fix it.

Signed-off-by: Glauber Costa <glommer@redhat.com>
---
 vnc.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

Patch

diff --git a/vnc.c b/vnc.c
index 5eaef6a..592c9b3 100644
--- a/vnc.c
+++ b/vnc.c
@@ -918,8 +918,8 @@  static void vnc_disconnect_finish(VncState *vs)
     if (!vs->vd->clients)
         dcl->idle = 1;
 
-    qemu_free(vs);
     vnc_remove_timer(vs->vd);
+    qemu_free(vs);
 }
 
 int vnc_client_io_error(VncState *vs, int ret, int last_errno)