[Spice-devel] [PATCH spice-server] reds: Fix use-after-free
Uri Lublin
uril at redhat.com
Wed Jul 17 11:50:50 UTC 2019
On 7/17/19 1:41 PM, Frediano Ziglio wrote:
> video_codecs can be freed so use it before.
>
> Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
Ack.
I had a similar patch, you sent your faster :)
Uri.
> ---
> server/reds.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/server/reds.c b/server/reds.c
> index 817fdd423..78bbe5a0f 100644
> --- a/server/reds.c
> +++ b/server/reds.c
> @@ -3851,6 +3851,10 @@ static int reds_set_video_codecs_from_string(RedsState *reds, const char *codecs
> codecs = c;
> }
>
> + if (installed) {
> + *installed = video_codecs->len;
> + }
> +
> if (video_codecs->len == 0) {
> spice_warning("Failed to set video codecs, input string: '%s'", codecs);
> g_array_unref(video_codecs);
> @@ -3860,10 +3864,6 @@ static int reds_set_video_codecs_from_string(RedsState *reds, const char *codecs
>
> g_free(codecs_copy);
>
> - if (installed) {
> - *installed = video_codecs->len;
> - }
> -
> return invalid_codecs;
> }
>
>
More information about the Spice-devel
mailing list