From e5159771bd0a013201dcef760e9320071c6df59e Mon Sep 17 00:00:00 2001 From: Dave Airlie Date: Mon, 12 Jul 2010 13:09:33 +1000 Subject: [PATCH] pciaccess: fix use after free. Using the pointer passed to realloc earlier isn't a recipe for success. Signed-off-by: Dave Airlie --- src/common_interface.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/common_interface.c b/src/common_interface.c index d46feab..4af772a 100644 --- a/src/common_interface.c +++ b/src/common_interface.c @@ -317,8 +317,8 @@ pci_device_map_range(struct pci_device *dev, pciaddr_t base, *addr = mappings[devp->num_mappings].memory; devp->num_mappings++; } else { - mappings = realloc(devp->mappings, - (sizeof(devp->mappings[0]) * devp->num_mappings)); + mappings = realloc(mappings, + (sizeof(mappings[0]) * devp->num_mappings)); } devp->mappings = mappings; -- 2.7.4