pciaccess: fix use after free.

Using the pointer passed to realloc earlier isn't a recipe for success.

Signed-off-by: Dave Airlie <airlied@redhat.com>

diff --git a/src/common_interface.c b/src/common_interface.c
index d46feab..4af772a 100644 (file)
--- a/src/common_interface.c
+++ b/src/common_interface.c
@@ -317,8 +317,8 @@ pci_device_map_range(struct pci_device *dev, pciaddr_t base,
         *addr =  mappings[devp->num_mappings].memory;
         devp->num_mappings++;
     } else {
-        mappings = realloc(devp->mappings,
-                           (sizeof(devp->mappings[0]) * devp->num_mappings));
+        mappings = realloc(mappings,
+                           (sizeof(mappings[0]) * devp->num_mappings));
     }
 
     devp->mappings = mappings;