Debugger: Fix use-after-free in breakpoint clearing code

Jeffrey Pfau 2015-04-22 21:24:02 -07:00
parent 86bf02b9d5
commit 2666c77837
2 changed files with 14 additions and 7 deletions


@ -34,6 +34,7 @@ Bugfixes:
- Qt: Fix multiplayer windows opening as the wrong size - Qt: Fix multiplayer windows opening as the wrong size
- Qt: Fix controllers sometimes not loading the right profile - Qt: Fix controllers sometimes not loading the right profile
- GBA: Fix hang when loading a savestate if sync to video is enabled - GBA: Fix hang when loading a savestate if sync to video is enabled
- Debugger: Fix use-after-free in breakpoint clearing code
Misc: Misc:
- Qt: Show multiplayer numbers in window title - Qt: Show multiplayer numbers in window title
- Qt: Handle saving input settings better - Qt: Handle saving input settings better


@ -149,11 +149,14 @@ bool ARMDebuggerSetSoftwareBreakpoint(struct ARMDebugger* debugger, uint32_t add
void ARMDebuggerClearBreakpoint(struct ARMDebugger* debugger, uint32_t address) { void ARMDebuggerClearBreakpoint(struct ARMDebugger* debugger, uint32_t address) {
struct DebugBreakpoint** previous = &debugger->breakpoints; struct DebugBreakpoint** previous = &debugger->breakpoints;
struct DebugBreakpoint* breakpoint; struct DebugBreakpoint* breakpoint;
for (; (breakpoint = *previous); previous = &breakpoint->next) { struct DebugBreakpoint** next;
while ((breakpoint = *previous)) {
next = &breakpoint->next;
if (breakpoint->address == address) { if (breakpoint->address == address) {
*previous = breakpoint->next; *previous = *next;
free(breakpoint); free(breakpoint);
} }
previous = next;
} }
} }
@ -169,12 +172,15 @@ void ARMDebuggerSetWatchpoint(struct ARMDebugger* debugger, uint32_t address) {
void ARMDebuggerClearWatchpoint(struct ARMDebugger* debugger, uint32_t address) { void ARMDebuggerClearWatchpoint(struct ARMDebugger* debugger, uint32_t address) {
struct DebugWatchpoint** previous = &debugger->watchpoints; struct DebugWatchpoint** previous = &debugger->watchpoints;
struct DebugWatchpoint* breakpoint; struct DebugWatchpoint* watchpoint;
for (; (breakpoint = *previous); previous = &breakpoint->next) { struct DebugWatchpoint** next;
if (breakpoint->address == address) { while ((watchpoint = *previous)) {
*previous = breakpoint->next; next = &watchpoint->next;
free(breakpoint); if (watchpoint->address == address) {
*previous = *next;
free(watchpoint);
} }
previous = next;
} }
if (!debugger->watchpoints) { if (!debugger->watchpoints) {
ARMDebuggerRemoveMemoryShim(debugger); ARMDebuggerRemoveMemoryShim(debugger);