Overview

File 0018-fixed-gzip-use-after-free-issue.patch of Package stargus

From 43a7f82e2ebdd0754748b11856bd88e7224e3d7a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Kjellerup?= <rk.katana.steel@gmail.com>
Date: Wed, 26 Apr 2017 22:14:02 -0700
Subject: [PATCH 18/26] fixed gzip use after free issue

gzclose(fp) will finish any pending writes, so freeing the write buffer
before closing the file is essentially referencing free'ed memory while the
close calls flushes the write buffer.
---
 startool.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/startool.cpp b/startool.cpp
index 44d6689..9541c49 100644
--- a/startool.cpp
+++ b/startool.cpp
@@ -3921,10 +3921,10 @@ int ConvertWav(const char *listfile, const char *file, int wave __attribute__((u
 		printf("Can't write %d bytes\n", EntrySize);
 	}
 
-	free(wavp);
-
 	gzclose(gf);
 
+	free(wavp);
+
 	return 0;
 }
 
-- 
2.16.4
openSUSE Build Service is sponsored by
Places