From 981b1d41a2102bcd7a432a81c9bd6979b8c6d6c4 Mon Sep 17 00:00:00 2001
From: Cyrille Bagard <nocbos@gmail.com>
Date: Tue, 17 Oct 2023 00:06:57 +0200
Subject: Fix a Use-After-Free.

---
 src/analysis/scan/patterns/customizer.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/analysis/scan/patterns/customizer.c b/src/analysis/scan/patterns/customizer.c
index c3becf5..9659957 100644
--- a/src/analysis/scan/patterns/customizer.c
+++ b/src/analysis/scan/patterns/customizer.c
@@ -328,6 +328,7 @@ static bool g_scan_token_customizer_transform(const GScanTokenCustomizer *modifi
     size_t i;                               /* Boucle de parcours #1       */
     sized_binary_t *extra;                  /* Motifs supplémentaires      */
     size_t extra_count;                     /* Quantité de ces motifs      */
+    size_t old_dcount;                      /* Mémorisation avant avancées */
     sized_binary_t *new;                    /* Nouvel emplacement libre    */
     size_t k;                               /* Boucle de parcours #2       */
 
@@ -342,11 +343,13 @@ static bool g_scan_token_customizer_transform(const GScanTokenCustomizer *modifi
                                                           &extra, &extra_count);
         if (!result) goto exit;
 
-        new = (*dest) + *dcount;
+        old_dcount = *dcount;
 
         *dcount += extra_count;
         *dest = realloc(*dest, *dcount * sizeof(sized_binary_t));
 
+        new = (*dest) + old_dcount;
+
         for (k = 0; k < extra_count; k++, new++)
             copy_szstr(*new, extra[k]);
 
-- 
cgit v0.11.2-87-g4458