Theoretical danger of using freed memory
Medland, Bill
Bill.Medland at accpac.com
Tue Nov 6 15:54:18 CST 2001
<<diff27.txt>>
-------------- next part --------------
Bill Medland (medbi01 at accpac.com)
Prevent danger of accessing freed memory. (Theoretical but unlikely bug).
Index: wine/server/select.c
===================================================================
RCS file: /home/wine/wine/server/select.c,v
retrieving revision 1.12
diff -u -r1.12 select.c
--- wine/server/select.c 2000/01/25 01:40:27 1.12
+++ wine/server/select.c 2001/11/06 20:31:58
@@ -58,7 +58,11 @@
if (!(newusers = realloc( poll_users, new_count * sizeof(*poll_users) ))) return -1;
if (!(newpoll = realloc( pollfd, new_count * sizeof(*pollfd) )))
{
- free( newusers );
+ if (allocated_users)
+ poll_users = newusers;
+ else
+ free( newusers );
+ obj->select = -1;
return -1;
}
poll_users = newusers;
@@ -80,6 +84,7 @@
void remove_select_user( struct object *obj )
{
int user = obj->select;
+ assert( user >= 0 );
assert( poll_users[user] == obj );
pollfd[user].fd = -1;
pollfd[user].events = 0;
More information about the wine-patches
mailing list