[PATCH] ieframe: Clear a being invalidated history entry.

Jacek Caban jacek at codeweavers.com
Tue Jan 25 11:01:42 CST 2022


Hi Dmitry,

On 1/24/22 15:04, Dmitry Timoshkov wrote:
> update_travellog() in order to clear forward history calls free_travellog_entry() to
> invalidate forward history entries, and when later an entry gets reused entry->stream
> contains a no longer valid pointer.


How does it "get reused"? Note that the log buffer is also initially not
zero-initialized and generally depends on proper bounds checks.
update_travellog() decrements length when it clears forward history, 
which should prevent us from treating those entries as valid.


Thanks,

Jacek



