From 83e26522b614f1370dde25e7ff72ed2a5c2bbed0 Mon Sep 17 00:00:00 2001
From: WerWolv <werwolv98@gmail.com>
Date: Fri, 8 Sep 2023 22:00:15 +0200
Subject: [PATCH] fix: Potential use-after-free with the .NET SDK

---
 .../script_loader/include/loaders/dotnet/dotnet_loader.hpp    | 1 +
 plugins/script_loader/source/loaders/dotnet/dotnet_loader.cpp | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/plugins/script_loader/include/loaders/dotnet/dotnet_loader.hpp b/plugins/script_loader/include/loaders/dotnet/dotnet_loader.hpp
index 7cd7cdc31..9bad92c93 100644
--- a/plugins/script_loader/include/loaders/dotnet/dotnet_loader.hpp
+++ b/plugins/script_loader/include/loaders/dotnet/dotnet_loader.hpp
@@ -18,6 +18,7 @@ namespace hex::script::loader {
 
     private:
         std::function<bool(const std::fs::path&)> m_loadAssembly;
+        std::fs::path::string_type m_assemblyLoaderPathString;
     };
 
 }
\ No newline at end of file
diff --git a/plugins/script_loader/source/loaders/dotnet/dotnet_loader.cpp b/plugins/script_loader/source/loaders/dotnet/dotnet_loader.cpp
index f8573b64e..8ac287d53 100644
--- a/plugins/script_loader/source/loaders/dotnet/dotnet_loader.cpp
+++ b/plugins/script_loader/source/loaders/dotnet/dotnet_loader.cpp
@@ -150,11 +150,11 @@ namespace hex::script::loader {
             auto dotnetType = STRING("ImHex.EntryPoint, AssemblyLoader");
 
             const char_t *dotnetTypeMethod = STRING("ExecuteScript");
-            const auto &assemblyPathStr = assemblyLoader.native();
+            this-> m_assemblyLoaderPathString = assemblyLoader.native();
 
             component_entry_point_fn entryPoint = nullptr;
             u32 result = loadAssembly(
-                    assemblyPathStr.c_str(),
+                    this->m_assemblyLoaderPathString.c_str(),
                     dotnetType,
                     dotnetTypeMethod,
                     nullptr,