Found using the Clang Static Analyzer.
* libtrivfs/protid-clean.c (trivfs_clean_protid): Fix use-after-free error.
---
libtrivfs/protid-clean.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libtrivfs/protid-clean.c b/libtrivfs/protid-clean.c
index 856d7af..575dec3 100644
--- a/libtrivfs/protid-clean.c
+++ b/libtrivfs/protid-clean.c
@@ -39,10 +39,13 @@ trivfs_clean_protid (void *arg)
}
if (--cred->po->refcnt == 0)
{
+ struct trivfs_control *cntl = cred->po->cntl;
ports_port_deref (cred->po->cntl);
free (cred->po);
+ pthread_mutex_unlock (&cntl->lock);
}
- pthread_mutex_unlock (&cred->po->cntl->lock);
+ else
+ pthread_mutex_unlock (&cred->po->cntl->lock);
iohelp_free_iouser (cred->user);
--
1.7.10.4
