From 3a4e2b234059f262b0df5fa99ea54a3071892b2e Mon Sep 17 00:00:00 2001
From: Fabrice Bellet <fabrice@bellet.info>
Date: Fri, 28 Jun 2019 13:54:57 +0200
Subject: tcp-bsd: fix a heap-use-after-free

---
 socket/tcp-bsd.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/socket/tcp-bsd.c b/socket/tcp-bsd.c
index 406e955..00a46ed 100644
--- a/socket/tcp-bsd.c
+++ b/socket/tcp-bsd.c
@@ -436,7 +436,7 @@ socket_send_more (
   gpointer data)
 {
   NiceSocket *sock = (NiceSocket *) data;
-  TcpPriv *priv = sock->priv;
+  TcpPriv *priv;
 
   g_mutex_lock (&mutex);
 
@@ -447,6 +447,8 @@ socket_send_more (
     return FALSE;
   }
 
+  priv = sock->priv;
+
   /* connection hangs up or queue was emptied */
   if (condition & G_IO_HUP ||
       nice_socket_flush_send_queue_to_socket (sock->fileno,
-- 
cgit v1.2.1