From c85222a59380aa9c12622951646874a61b82aa96 Mon Sep 17 00:00:00 2001
From: Po Lu <luangruo@yahoo.com>
Date: Thu, 27 Jul 2023 18:17:12 +0800
Subject: [PATCH] Avoid dereference of a freed vnode's operations table

* src/androidvfs.c (android_renameat_noreplace):
(android_rename): Free vdst using vdst->ops, not vp->ops.
---
 src/androidvfs.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/androidvfs.c b/src/androidvfs.c
index a32471d250e..42b1ff8770f 100644
--- a/src/androidvfs.c
+++ b/src/androidvfs.c
@@ -5581,7 +5581,7 @@ android_renameat_noreplace (int srcfd, const char *src,
   /* Now try to rename vp to vdst.  */
   rc = (*vp->ops->rename) (vp, vdst, true);
   (*vp->ops->close) (vp);
-  (*vp->ops->close) (vdst);
+  (*vdst->ops->close) (vdst);
   return rc;
 
  error1:
@@ -5613,7 +5613,7 @@ android_rename (const char *src, const char *dst)
   /* Now try to rename vp to vdst.  */
   rc = (*vp->ops->rename) (vp, vdst, false);
   (*vp->ops->close) (vp);
-  (*vp->ops->close) (vdst);
+  (*vdst->ops->close) (vdst);
   return rc;
 
  error1:
-- 
2.39.5