From 397181d5c191cf2f7ba3b4408383da6e5a149052 Mon Sep 17 00:00:00 2001
From: Augusto Noronha <anoronha@apple.com>
Date: Wed, 8 Oct 2025 15:35:24 -0700
Subject: [lldb] Fix use after free on ModuleList::RemoveSharedModuleIfOrphaned
 (#155331)

This fixes a potential use after free where
ModuleList::RemoveSharedModuleIfOrphaned ->
SharedModuleList::RemoveIfOrphaned -> SharedModuleList::RemoveFromMap
would potentially dereference a freed pointer. This fixes it by not
calling ModuleList::RemoveSharedModuleIfOrphaned at all if the pointer
was just freed.
---
 lldb/source/Target/Target.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'lldb/source/Target/Target.cpp')

diff --git a/lldb/source/Target/Target.cpp b/lldb/source/Target/Target.cpp
index e0286c4576ae..e224a12e3346 100644
--- a/lldb/source/Target/Target.cpp
+++ b/lldb/source/Target/Target.cpp
@@ -2567,9 +2567,9 @@ ModuleSP Target::GetOrCreateModule(const ModuleSpec &orig_module_spec,
           m_images.Append(module_sp, notify);
 
         for (ModuleSP &old_module_sp : replaced_modules) {
-          Module *old_module_ptr = old_module_sp.get();
+          auto old_module_wp = old_module_sp->weak_from_this();
           old_module_sp.reset();
-          ModuleList::RemoveSharedModuleIfOrphaned(old_module_ptr);
+          ModuleList::RemoveSharedModuleIfOrphaned(old_module_wp);
         }
       } else
         module_sp.reset();
-- 
cgit v1.2.3