[Spice-devel] [PATCH v2 06/15] char-device: Avoid use-after-free

Jonathon Jongsma jjongsma at redhat.com
Thu Mar 31 21:07:04 UTC 2016


From: Christophe Fergeau <cfergeau at redhat.com>

Reset pointer after freeing the structure pointing to it.
Acked-by: Jonathon Jongsma <jjongsma at redhat.com>
---
 server/char-device.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server/char-device.c b/server/char-device.c
index 3056f51..2957a1b 100644
--- a/server/char-device.c
+++ b/server/char-device.c
@@ -212,6 +212,7 @@ static void red_char_device_client_free(RedCharDevice *dev,
 
     if (dev_client->wait_for_tokens_timer) {
         reds_core_timer_remove(dev->priv->reds, dev_client->wait_for_tokens_timer);
+        dev_client->wait_for_tokens_timer = NULL;
     }
 
     red_char_device_client_send_queue_free(dev, dev_client);
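
Review bot: the commit message does not say which code still reads dev_client->wait_for_tokens_timer after the reds_core_timer_remove() call that the added line follows, so the use-after-free this closes cannot be checked from the patch alone. Please name that path in the description, for example whether it is red_char_device_client_send_queue_free(dev, dev_client), called immediately afterwards, or something that runs later. The description also reads inverted: what is released here is the timer that the field points to, and the field is what gets reset. A wording such as "Reset wait_for_tokens_timer after removing the timer it points to" would match the code.
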
-- 
2.4.3


