projects
/
platform
/
upstream
/
glib.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
a0a3643
)
GBytes: deal with a corner-case
author
Matthias Clasen
<mclasen@redhat.com>
Wed, 17 Oct 2012 01:07:13 +0000
(21:07 -0400)
committer
Matthias Clasen
<mclasen@redhat.com>
Wed, 17 Oct 2012 01:21:25 +0000
(21:21 -0400)
When calling g_bytes_unref_to_data on a GBytes with NULL data
we could end up with double-free or use-after-free issues.
https://bugzilla.gnome.org/show_bug.cgi?id=686091
glib/gbytes.c
patch
|
blob
|
history
diff --git
a/glib/gbytes.c
b/glib/gbytes.c
index
daf5642
..
93f74dd
100644
(file)
--- a/
glib/gbytes.c
+++ b/
glib/gbytes.c
@@
-390,7
+390,7
@@
try_steal_and_unref (GBytes *bytes,
{
gpointer result;
- if (bytes->free_func != free_func)
+ if (bytes->free_func != free_func
|| bytes->data == NULL
)
return NULL;
/* Are we the only reference? */