changeset
mediamanager: fix invalid memory read
Fri, 10 Jun 2016 16:47:02 +0200
- author
- Jakub Adam <jakub.adam@ktknet.cz>
- date
- Fri, 10 Jun 2016 16:47:02 +0200
- branch
- release-2.x.y
- changeset 37795
- d9aac4128ad2
- parent 37794
- 1645cfba41c8
- child 37796
- 160437508477
mediamanager: fix invalid memory read
Loop was accessing 'next' pointer in already deallocated GList item.
Reported by Valgrind.
Backport of Pidgin 3 commit 457ce85caedc.
| libpurple/mediamanager.c | file | annotate | diff | comparison | revisions |
--- a/libpurple/mediamanager.c Mon May 16 14:52:58 2016 +0200 +++ b/libpurple/mediamanager.c Fri Jun 10 16:47:02 2016 +0200 @@ -491,14 +491,18 @@ #ifdef HAVE_MEDIA_APPLICATION g_mutex_lock (&manager->priv->appdata_mutex); - for (list = manager->priv->appdata_info; list; list = list->next) { + list = manager->priv->appdata_info; + while (list) { PurpleMediaAppDataInfo *info = list->data; + GList *next = list->next; if (info->media == media) { manager->priv->appdata_info = g_list_delete_link ( manager->priv->appdata_info, list); free_appdata_info_locked (info); } + + list = next; } g_mutex_unlock (&manager->priv->appdata_mutex); #endif
