[1/3] msi: Fix a double free.
Hans Leidekker
hans at codeweavers.com
Mon Apr 20 09:08:26 CDT 2009
TABLE_drop() calls TABLE_remove_column() which calls msi_update_table_columns()
which frees column info and possibly returns without reallocating. When that
happens it will be freed again when TABLE_drop() finally calls free_table().
-Hans
diff --git a/dlls/msi/table.c b/dlls/msi/table.c
index ab86bcd..e7e2e68 100644
--- a/dlls/msi/table.c
+++ b/dlls/msi/table.c
@@ -1038,8 +1038,9 @@ static void msi_update_table_columns( MSIDATABASE *db, LPCWSTR name )
table = find_cached_table( db, name );
old_count = table->col_count;
msi_free( table->colinfo );
- table_get_column_info( db, name, &table->colinfo, &table->col_count );
+ table->colinfo = NULL;
+ table_get_column_info( db, name, &table->colinfo, &table->col_count );
if (!table->col_count)
return;
More information about the wine-patches
mailing list