From f253b6927cf5235700b1680dcfd5ce3ed96074d4 Mon Sep 17 00:00:00 2001
From: Martin Nordholts <martinn@src.gnome.org>
Date: Fri, 15 May 2009 21:29:25 +0200
Subject: [PATCH] Avoid memory corruption on complicated confirm-overwrite
 logic

Dup the file chooser entry string because the string may be modified
depending on what clients do in the confirm-overwrite signal and this
corrupts the pointer.
---
 gtk/gtkfilechooserdefault.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/gtk/gtkfilechooserdefault.c b/gtk/gtkfilechooserdefault.c
index b70af42160..5f40411551 100644
--- a/gtk/gtkfilechooserdefault.c
+++ b/gtk/gtkfilechooserdefault.c
@@ -8307,10 +8307,15 @@ save_entry_get_info_cb (GCancellable *cancellable,
           if (data->file_exists_and_is_not_folder)
 	    {
 	      gboolean retval;
-	      const char *file_part;
+	      char *file_part;
 
-	      file_part = _gtk_file_chooser_entry_get_file_part (GTK_FILE_CHOOSER_ENTRY (data->impl->location_entry));
+              /* Dup the string because the string may be modified
+               * depending on what clients do in the confirm-overwrite
+               * signal and this corrupts the pointer
+               */
+              file_part = g_strdup (_gtk_file_chooser_entry_get_file_part (GTK_FILE_CHOOSER_ENTRY (data->impl->location_entry)));
 	      retval = should_respond_after_confirm_overwrite (data->impl, file_part, data->parent_file);
+              g_free (file_part);
 
 	      if (retval)
 		g_signal_emit_by_name (data->impl, "response-requested");