On Wed, Mar 20, 2019 at 08:38:52PM +0100, Gregor Jasny wrote: > Hello Mauro, > > On 19.03.19 20:45, Mauro Carvalho Chehab wrote: > > Hi Gregor, > > > > Samuel reported in priv that the issues he had with user after free were > > solved by the patchsets merged at 1.12 and 1.16 stable branches. > > > > Could you please generate a new staging release for them? > > Sure, I can create a new 1.12 and 1.16 stable release. But when reviewing > the patches for approval by debian release managers I noticed an additional > double-free that Sean addressed with the following patch: > > > https://git.linuxtv.org/v4l-utils.git/commit/?id=ebd890019ba7383b8b486d829f6683c8f49fdbda > > Could you please give that patch a thorough review, some testing, and > cherry-pick it to stable-1.12 and -1.16 as well? I did test it myself (and also under valgrind). The bad paths are hard to hit though. I'd say just go ahead with merging and releasing, the patch isn't that controversial (I hope!). Sean
