Commit f8405c929e03f5dbe8ed41ede81cba7fad2d4a65

Stefan Sperling 2018-09-02T13:45:01

fix tog use-after-free via stale view->parent pointer

diff --git a/tog/tog.c b/tog/tog.c
index 72a9f58..8df3d9c 100644
--- a/tog/tog.c
+++ b/tog/tog.c
@@ -466,6 +466,10 @@ view_loop(struct tog_view *view)
 			break;
 		if (dead_view) {
 			TAILQ_REMOVE(&views, dead_view, entry);
+			TAILQ_FOREACH(view, &views, entry) {
+				if (view->parent == dead_view)
+					view->parent = NULL;
+			}
 			if (dead_view->parent)
 				view = dead_view->parent;
 			else
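Review bot: The added TAILQ_FOREACH uses the function's own `view` variable as its cursor, so when the loop finishes `view` is NULL and no longer refers to the view that was current. That is harmless only if every path after the loop reassigns `view` before it is dereferenced; the `if (dead_view->parent)` branch does, but the `else` body lies outside this hunk and cannot be confirmed from here. A dedicated cursor would make the cleanup independent of the code that follows: declare `struct tog_view *v;` and write `TAILQ_FOREACH(v, &views, entry) { if (v->parent == dead_view) v->parent = NULL; }`. A one-line comment such as `/* clear parent links that still point at dead_view */` above the loop would record why the scan exists. view_loop begins and ends outside the hunk.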