From: Glauber Costa <glommer@redhat.com>
Date: Fri, 25 Sep 2009 12:30:57 +0000 (-0400)
Subject: fix use after free
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=5d95ac5b6475c3b6b0e36b5f04de49bba88b3e59;p=qemu.git

fix use after free

We are using the vs structure when it was just freed. Classic use after free,
fix it.

Signed-off-by: Glauber Costa <glommer@redhat.com>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
---

diff --git a/vnc.c b/vnc.c
index 5eaef6a3e2..592c9b3987 100644
--- a/vnc.c
+++ b/vnc.c
@@ -918,8 +918,8 @@ static void vnc_disconnect_finish(VncState *vs)
     if (!vs->vd->clients)
         dcl->idle = 1;
 
-    qemu_free(vs);
     vnc_remove_timer(vs->vd);
+    qemu_free(vs);
 }
 
 int vnc_client_io_error(VncState *vs, int ret, int last_errno)