Commit c49a4dba authored by Simon McVittie's avatar Simon McVittie

g_data_set_internal: avoid use-after-free if datalist is in dataset

Removing the last thing in a dataset frees the dataset, and if the
datalist was in a dataset, we can't safely unlock it after the dataset
has been freed. Unlock it sooner.
Signed-off-by: Simon McVittie's avatarSimon McVittie <>
Bug: Matthias Clasen's avatarMatthias Clasen <>
parent 0bf83788
......@@ -387,6 +387,10 @@ g_data_set_internal (GData **datalist,
g_free (d);
/* datalist may be situated in dataset, so must not be
* unlocked after we free it
g_datalist_unlock (datalist);
/* the dataset destruction *must* be done
* prior to invocation of the data destroy function
......@@ -394,8 +398,10 @@ g_data_set_internal (GData **datalist,
if (dataset)
g_dataset_destroy_internal (dataset);
g_datalist_unlock (datalist);
g_datalist_unlock (datalist);
/* We found and removed an old value
* the GData struct *must* already be unlinked
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment