Opened 11 years ago

Closed 11 years ago

#7014 closed defect (fixed)

Possible use after free in lirc_client.c

Reported by: Erik Hovland <erik@…> Owned by: danielk
Priority: trivial Milestone: unknown
Component: MythTV - User Interface Library Version: head
Severity: low Keywords:
Cc: Ticket locked: no

Description

It is possible to use sha_bang after it has been freed, because it hasn't been zeroed out.

Attachments (1)

libs_libmythui-use-after-free (715 bytes) - added by Erik Hovland <erik@…> 11 years ago.
zero both sha_bang and filename after free

Download all attachments as: .zip

Change History (3)

Changed 11 years ago by Erik Hovland <erik@…>

zero both sha_bang and filename after free

comment:1 Changed 11 years ago by stuartm

Owner: changed from stuartm to danielk
Status: newassigned

comment:2 Changed 11 years ago by danielk

Resolution: fixed
Status: assignedclosed

(In [22167]) Fixes #7014. clear pointers after free to avoid possible deref of free'd pointer in lirc code.

Note: See TracTickets for help on using tickets.