zdoom/fluidsynth
0
0
Fork 0
mirror of https://github.com/ZDoom/fluidsynth.git synced 2024-11-27 06:22:06 +00:00
Code Issues Projects Releases Packages Wiki Activity

fix use after free in fluid_sample_timer_process()

Browse source
This commit is contained in:
derselbst 2018-05-14 10:27:21 +02:00
parent 5f70eb8226
commit 5d3f727547
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/synth/fluid_synth.c
View file

@ -483,17 +483,19 @@ struct _fluid_sample_timer_t
*/
void fluid_sample_timer_process(fluid_synth_t* synth)
{
fluid_sample_timer_t* st;
fluid_sample_timer_t* st, *stnext;
long msec;
int cont;
unsigned int ticks = fluid_synth_get_ticks(synth);
for (st=synth->sample_timers; st; st=st->next) {
for (st=synth->sample_timers; st; st=stnext) {
if (st->isfinished) {
continue;
}
msec = (long) (1000.0*((double) (ticks - st->starttick))/synth->sample_rate);
/* st may be freed in the callback below. cache it's successor now to avoid use after free */
stnext = st->next;
cont = (*st->callback)(st->data, msec);
if (cont == 0) {
st->isfinished = 1;