luc14n0/glib
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/glib.git synced 2024-12-25 23:16:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

GBytes: deal with a corner-case

Browse Source 
When calling g_bytes_unref_to_data on a GBytes with NULL data
we could end up with double-free or use-after-free issues.
https://bugzilla.gnome.org/show_bug.cgi?id=686091
This commit is contained in:
Matthias Clasen 2012-10-16 21:07:13 -04:00
parent a0a3643823
commit d906f84a44
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
glib/gbytes.c
View File

@ -390,7 +390,7 @@ try_steal_and_unref (GBytes *bytes,
{
gpointer result;
if (bytes->free_func != free_func)
if (bytes->free_func != free_func || bytes->data == NULL)
return NULL;
/* Are we the only reference? */