[patch] segv on use-after-free in dsound/buffer.c

Yuriy Kaminskiy yumkam at mail.ru
Sat May 23 08:49:34 CDT 2009


Hello!
    One of the games rarely crashed with a segv at line 86 of dsound/buffer.c:
85:      IDirectSoundBuffer_Release((LPDIRECTSOUNDBUFFER)This->dsb);
86:      This->dsb->notify = NULL;
    (sorry, I failed to save the actual backtrace at the time). This looks 
like a typical assign-after-free bug. I've applied the attached patch 
(wine-1.1.7, now on 1.1.19), no crashes so far (btw, the similar 
*Secondary*Release method further down in the code uses the proper order - 
assign-NULL-then-release).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: wine-1.1.7-dsound-use-after-free.patch
Type: text/x-diff
Size: 555 bytes
Desc: not available
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20090523/e9ac16ac/attachment.patch>
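
The two orderings discussed in the message, as an added example that is not part of the original post and is not Wine code. The struct layouts, the `ref`/`live` fields and all function names are assumptions; freeing is modelled with a flag so the stale store can be counted without touching freed memory.

```c
#include <stdio.h>

/* Hypothetical stand-ins for the sound buffer and its notify object. */
struct notify;
struct buffer { int ref; int live; struct notify *notify; };
struct notify { struct buffer *dsb; };

static int stale_writes; /* stores that hit an already-freed buffer */

/* Drop one reference; the last one "frees" the buffer (modelled as live = 0). */
static void buffer_release(struct buffer *b)
{
    if (--b->ref == 0)
        b->live = 0;
}

/* The "This->dsb->notify = NULL" store, checked against the live flag. */
static void clear_notify(struct buffer *b)
{
    if (b->live)
        b->notify = NULL;
    else
        stale_writes++; /* in real code: a write through a dangling pointer */
}

/* Tear down a notify whose buffer has other_refs extra holders; returns stale writes. */
static int teardown(int other_refs, int assign_first)
{
    struct buffer b = { 1 + other_refs, 1, NULL };
    struct notify n = { &b };
    b.notify = &n;
    stale_writes = 0;
    if (assign_first) {            /* assign-NULL-then-release */
        clear_notify(n.dsb);
        buffer_release(n.dsb);
    } else {                       /* release-then-assign (lines 85-86) */
        buffer_release(n.dsb);
        clear_notify(n.dsb);
    }
    return stale_writes;
}

int main(void)
{
    printf("release-then-assign, last ref:   %d stale write(s)\n", teardown(0, 0));
    printf("release-then-assign, other refs: %d stale write(s)\n", teardown(1, 0));
    printf("assign-then-release, last ref:   %d stale write(s)\n", teardown(0, 1));
    return 0;
}
```

In this model the release-then-assign order only produces a stale write when the release drops the last reference; with another holder present the same code runs cleanly.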

