From b91d6e430af611f0d4fd0067b64786d2c1041390 Mon Sep 17 00:00:00 2001 From: William King Date: Sun, 15 Sep 2013 16:19:19 -0700 Subject: [PATCH] How did the use after free not blowup in the last 3 years since it was modified? --- src/mod/applications/mod_fifo/mod_fifo.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/mod/applications/mod_fifo/mod_fifo.c b/src/mod/applications/mod_fifo/mod_fifo.c index 7c236ef6d2..1affefa3e4 100644 --- a/src/mod/applications/mod_fifo/mod_fifo.c +++ b/src/mod/applications/mod_fifo/mod_fifo.c @@ -1637,7 +1637,6 @@ static void *SWITCH_THREAD_FUNC o_thread_run(switch_thread_t *thread, void *obj) fifo_execute_sql_queued(&sql, SWITCH_TRUE, SWITCH_TRUE); status = switch_ivr_originate(NULL, &session, &cause, originate_string, h->timeout, NULL, NULL, NULL, NULL, ovars, SOF_NONE, NULL); - free(originate_string); if (status != SWITCH_STATUS_SUCCESS) { @@ -1694,6 +1693,10 @@ static void *SWITCH_THREAD_FUNC o_thread_run(switch_thread_t *thread, void *obj) end: + if ( originate_string ){ + switch_safe_free(originate_string); + } + switch_event_destroy(&ovars); if (node) { switch_mutex_lock(node->update_mutex);