use after free in do_wav_capture() on the error path.
Signed-off-by: Isaku Yamahata <yamah...@valinux.co.jp>
---
monitor.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/monitor.c b/monitor.c
index d291158..cab5f20 100644
--- a/monitor.c
+++ b/monitor.c
@@ -2511,6 +2511,7 @@ static void do_wav_capture(Monitor *mon, const QDict
*qdict)
if (wav_start_capture (s, path, freq, bits, nchannels)) {
monitor_printf(mon, "Faied to add wave capture\n");
qemu_free (s);
+ return;
}
QLIST_INSERT_HEAD (&capture_head, s, entries);
}
--
1.7.1.1
