[patch] segv on use-after-free in dsound/buffer.c
Austin English
austinenglish at gmail.com
Sat May 23 14:39:54 CDT 2009
2009/5/23 Yuriy Kaminskiy <yumkam at mail.ru>:
> Hello!
> One of games rarely crashed with segv in line 86 of dsound/buffer.c:
> 85: IDirectSoundBuffer_Release((LPDIRECTSOUNDBUFFER)This->dsb);
> 86: This->dsb->notify = NULL;
> (sorry, I failed to save actual backtrace at the time). This looks like
> typical assign-after-free bug. I've applied attached patch (wine-1.1.7, now
> on 1.1.19), no crashes so far (btw, similar *Secodary*Release method down in
> code uses proper order - assign-NULL-then-release).
Please send patches to wine-patches at winehq.org
Thanks for helping Wine!
--
-Austin
More information about the wine-devel
mailing list