From e7ece39afc8e0adc3b6b1e70b337b98376754462 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@sun.com>
Date: Tue, 7 Oct 2008 15:41:38 -0700
Subject: [PATCH] Sun bug #6739431: double free in _X11TransConnectDisplay()

Double free() introduced in bf53987eaf0fbd7f7627783fc39e7ee99e8361ba
After copying original_hostname to phostname, set original_hostname
to NULL, so we don't free the same pointer twice when we free both
original_hostname and phostname.

<http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6739431>
---
 src/ConnDis.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/ConnDis.c b/src/ConnDis.c
index d40bab08..f32b0925 100644
--- a/src/ConnDis.c
+++ b/src/ConnDis.c
@@ -407,6 +407,7 @@ _X11TransConnectDisplay (
     if (reset_hostname && (phostname != original_hostname)) {
 	Xfree (phostname);
 	phostname = original_hostname;
+	original_hostname = NULL;
     }
 #endif
     len = ((phostname ? strlen(phostname) : 0) + 1 + (dnet ? 1 : 0) +