Date: Mon, 3 Oct 2022 23:11:29 GMT From: John Baldwin <jhb@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 8f27c9d14a55 - main - libiconv VIQR: Fix a use after free. Message-ID: <202210032311.293NBTSY065780@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=8f27c9d14a559f33aa7fc3245f841f7ce52fadd5 commit 8f27c9d14a559f33aa7fc3245f841f7ce52fadd5 Author: John Baldwin <jhb@FreeBSD.org> AuthorDate: 2022-10-03 23:10:43 +0000 Commit: John Baldwin <jhb@FreeBSD.org> CommitDate: 2022-10-03 23:10:43 +0000 libiconv VIQR: Fix a use after free. Use TAILQ_FOREACH_SAFE to walk to list of children mnemonics to free them instead of TAILQ_FOREACH. Reviewed by: emaste Reported by: GCC 12 -Wuse-after-free Differential Revision: https://reviews.freebsd.org/D36821 --- lib/libiconv_modules/VIQR/citrus_viqr.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/libiconv_modules/VIQR/citrus_viqr.c b/lib/libiconv_modules/VIQR/citrus_viqr.c index 8a81a7d12b01..f40910d8edf3 100644 --- a/lib/libiconv_modules/VIQR/citrus_viqr.c +++ b/lib/libiconv_modules/VIQR/citrus_viqr.c @@ -195,9 +195,9 @@ mnemonic_append_child(mnemonic_t *m, const char *s, static void mnemonic_destroy(mnemonic_t *m) { - mnemonic_t *m0; + mnemonic_t *m0, *n; - TAILQ_FOREACH(m0, &m->child, entry) + TAILQ_FOREACH_SAFE(m0, &m->child, entry, n) mnemonic_destroy(m0); free(m); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202210032311.293NBTSY065780>