From 5535ec22f6a174d471bde1992c2f5f38148b4b17 Mon Sep 17 00:00:00 2001
From: deuce <>
Date: Fri, 11 Nov 2011 06:47:14 +0000
Subject: [PATCH] Fix use-after-free bug.

---
 src/sbbs3/putmsg.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/sbbs3/putmsg.cpp b/src/sbbs3/putmsg.cpp
index 42e15608b9..548e04afbf 100644
--- a/src/sbbs3/putmsg.cpp
+++ b/src/sbbs3/putmsg.cpp
@@ -51,6 +51,7 @@
 char sbbs_t::putmsg(const char *buf, long mode)
 {
 	char	tmpatr,tmp2[256],tmp3[128];
+	char	ret;
 	char*	str=(char*)buf;
 	uchar	exatr=0;
 	int 	orgcon=console,i;
@@ -292,12 +293,13 @@ char sbbs_t::putmsg(const char *buf, long mode)
 			pause();
 	}
 
+	ret=str[l];
 	if(str!=buf)	/* malloc'd copy of buffer */
 		free(str);
 
 	/* Restore original settings of Forced Pause On/Off */
 	sys_status&=~(SS_PAUSEOFF|SS_PAUSEON);
 	sys_status|=(sys_status_sav&(SS_PAUSEOFF|SS_PAUSEON));
-	return(str[l]);
+	return(ret);
 }
 
-- 
GitLab