From 8e43aecda580fcb137ccfed7492f93d733d8aaa6 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Pawe=C5=82=20Sikora?= <pluto@pld-linux.org>
Date: Tue, 2 May 2006 20:44:01 +0000
Subject: [PATCH] - fix invalid free().

Changed files:
    irssi-invalid_free.patch -> 1.1
---
 irssi-invalid_free.patch | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 irssi-invalid_free.patch

diff --git a/irssi-invalid_free.patch b/irssi-invalid_free.patch
new file mode 100644
index 0000000..f5d2bcf
--- /dev/null
+++ b/irssi-invalid_free.patch
@@ -0,0 +1,21 @@
+after call of g_slist_remove() the `pos` points to released area,
+so dereferencing pos->data isn't acceptable.
+
+--- irssi-0.8.10/src/irc/dcc/dcc.c.orig	2005-10-19 04:13:31.000000000 +0200
++++ irssi-0.8.10/src/irc/dcc/dcc.c	2006-05-02 22:33:11.000000000 +0200
+@@ -55,11 +55,13 @@
+ void dcc_unregister_type(const char *type)
+ {
+ 	GSList *pos;
++	gpointer data;
+ 
+ 	pos = gslist_find_string(dcc_types, type);
+ 	if (pos != NULL) {
+-                dcc_types = g_slist_remove(dcc_types, pos->data);
+-		g_free(pos->data);
++		data = pos->data;
++		dcc_types = g_slist_remove(dcc_types, data);
++		g_free(data);
+ 	}
+ }
+ 
-- 
2.44.0