From 23fccb17f7414c0e3af17d37c6c2d86eb9b80c8c Mon Sep 17 00:00:00 2001 From: Juan RP Date: Sun, 5 Oct 2014 09:18:59 +0200 Subject: [PATCH] lib/transaction_revdeps.c: use-after-free (CID 62765) --- lib/transaction_revdeps.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/lib/transaction_revdeps.c b/lib/transaction_revdeps.c index 2e341664..f02a11c5 100644 --- a/lib/transaction_revdeps.c +++ b/lib/transaction_revdeps.c @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2013 Juan Romero Pardines. + * Copyright (c) 2013-2014 Juan Romero Pardines. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -45,15 +45,18 @@ check_virtual_pkgs(struct xbps_handle *xhp, xbps_dictionary_t trans_pkgd, xbps_dictionary_t rev_pkgd) { - xbps_array_t unsorted, provides, rundeps, mdeps; - const char *pkgver, *revpkgver, *pkgpattern; - char *pkgname, *pkgdepname, *vpkgname, *vpkgver, *str; + xbps_array_t unsorted, provides; bool matched = false; unsorted = xbps_dictionary_get(xhp->transd, "unsorted_deps"); provides = xbps_dictionary_get(trans_pkgd, "provides"); for (unsigned int i = 0; i < xbps_array_count(provides); i++) { - char *tmp = NULL; + xbps_array_t rundeps, mdeps; + const char *pkgver, *revpkgver, *pkgpattern; + char *tmp, *pkgname, *pkgdepname, *vpkgname, *vpkgver, *str; + + pkgver = revpkgver = pkgpattern = NULL; + tmp = pkgname = pkgdepname = vpkgname = vpkgver = str = NULL; xbps_array_get_cstring(provides, i, &vpkgver); if (strchr(vpkgver, '_') == NULL) {