[PATCH 1/4] xfree86: fix use-after-free issue in checkInput
Peter Hutterer
peter.hutterer at who-t.net
Mon Jun 25 17:00:47 PDT 2012
*dev is the condition of the while loop we're in, reset to NULL after
freeing
Signed-off-by: Peter Hutterer <peter.hutterer at who-t.net>
---
hw/xfree86/common/xf86Config.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/xfree86/common/xf86Config.c b/hw/xfree86/common/xf86Config.c
index b22b617..3ec40fe 100644
--- a/hw/xfree86/common/xf86Config.c
+++ b/hw/xfree86/common/xf86Config.c
@@ -2329,6 +2329,7 @@ checkInput(serverLayoutPtr layout, Bool implicit_layout)
current = dev;
free(*dev);
+ *dev = NULL;
do {
*current = *(current + 1);
--
1.7.10.2
More information about the xorg-devel
mailing list