Qt: Fix use-after-free pattern

This fixes crashes due to use of deallocated memory in: - Export Packet Dissections - Merge Capture Files - Edit Packet Comment Change-Id: I3dab8c0735eb5e642d6a4580d20bc3c81cf1345b Reviewed-on: https://code.wireshark.org/review/10392 Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
author: Stig Bjørlykke <stig@bjorlykke.org> 2015-09-05 19:39:51 +0200
committer: Stig Bjørlykke <stig@bjorlykke.org> 2015-09-08 06:30:02 +0000
commit: 91d863cc1612453d4ed1c7629738d3057ea61373 (patch)
tree: df83452cbec2148c970f814a935ca46ec288b4fd /ui/qt/main_window.cpp
parent: f25b8c6784e7dab61e0754159dd3202bda584da9 (diff)
download: wireshark-91d863cc1612453d4ed1c7629738d3057ea61373.tar.gz
1 files changed, 9 insertions, 6 deletions
diff --git a/ui/qt/main_window.cpp b/ui/qt/main_window.cpp
index 620f75d4c8..a1b25ee61a 100644
--- a/ui/qt/main_window.cpp
+++ b/ui/qt/main_window.cpp
@@ -911,21 +911,24 @@ void MainWindow::mergeCaptureFile()
         tmpname = NULL;
         if (merge_dlg.mergeType() == 0) {
             /* chronological order */
-            in_filenames[0] = capture_file_.capFile()->filename;
-            in_filenames[1] = file_name.toUtf8().data();
+            in_filenames[0] = g_strdup(capture_file_.capFile()->filename);
+            in_filenames[1] = qstring_strdup(file_name);
             merge_status = cf_merge_files(&tmpname, 2, in_filenames, file_type, FALSE);
         } else if (merge_dlg.mergeType() <= 0) {
             /* prepend file */
-            in_filenames[0] = file_name.toUtf8().data();
-            in_filenames[1] = capture_file_.capFile()->filename;
+            in_filenames[0] = qstring_strdup(file_name);
+            in_filenames[1] = g_strdup(capture_file_.capFile()->filename);
             merge_status = cf_merge_files(&tmpname, 2, in_filenames, file_type, TRUE);
         } else {
             /* append file */
-            in_filenames[0] = capture_file_.capFile()->filename;
-            in_filenames[1] = file_name.toUtf8().data();
+            in_filenames[0] = g_strdup(capture_file_.capFile()->filename);
+            in_filenames[1] = qstring_strdup(file_name);
             merge_status = cf_merge_files(&tmpname, 2, in_filenames, file_type, TRUE);
         }
 
+        g_free(in_filenames[0]);
+        g_free(in_filenames[1]);
+
         if (merge_status != CF_OK) {
             if (rfcode != NULL)
                 dfilter_free(rfcode);
author	Stig Bjørlykke <stig@bjorlykke.org>	2015-09-05 19:39:51 +0200
committer	Stig Bjørlykke <stig@bjorlykke.org>	2015-09-08 06:30:02 +0000
commit	91d863cc1612453d4ed1c7629738d3057ea61373 (patch)
tree	df83452cbec2148c970f814a935ca46ec288b4fd /ui/qt/main_window.cpp
parent	f25b8c6784e7dab61e0754159dd3202bda584da9 (diff)
download	wireshark-91d863cc1612453d4ed1c7629738d3057ea61373.tar.gz