Commit 5ce4041b authored by Dan Williams's avatar Dan Williams Committed by Ignacio Casal Quinteiro

Fix use-after-free during incremental search

Move the free right before the assignment to ensure that
old_search_text is never left dangling and thus double-freed
if init_search_entry() is called again.

Fixes https://bugzilla.gnome.org/show_bug.cgi?id=651068
parent ce9114ee
......@@ -1237,8 +1237,6 @@ init_search_entry (GeditViewFrame *frame)
guint old_find_flags = 0;
gint sel_len = 0;
g_free (frame->priv->old_search_text);
old_find_text = gedit_document_get_search_text (GEDIT_DOCUMENT (buffer),
&old_find_flags);
......@@ -1260,6 +1258,7 @@ init_search_entry (GeditViewFrame *frame)
}
else if (old_find_text != NULL)
{
g_free (frame->priv->old_search_text);
frame->priv->old_search_text = old_find_text;
add_search_completion_entry (old_find_text);
g_signal_handler_block (frame->priv->search_entry,
......
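Review bot: Ownership of `old_find_text` is taken only inside the `else if (old_find_text != NULL)` branch of the second hunk, and the branch that closes just above it is not shown, so the diff cannot confirm that the string is released on that path. If `gedit_document_get_search_text()` returns a newly allocated copy, which the `g_free` of the field it is stored in suggests, that path would need a `g_free (old_find_text);` of its own or on a common exit; this is worth confirming against the full function. A short comment at the assignment, such as `/* takes ownership of old_find_text; the previous value is freed only when it is replaced */`, would record the invariant this commit relies on so that a later edit does not reintroduce the dangling pointer. The body of `init_search_entry` starts and ends outside both hunks.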