From 3ac67cf458bb23c8ed481c24b9f8ddf84a0ef4fd Mon Sep 17 00:00:00 2001
From: Sylvain Becker <sylvain.becker@gmail.com>
Date: Wed, 23 Oct 2019 08:46:59 +0200
Subject: [PATCH] Fixed bug 4837 - Use after free in SDL_SensorUpdate (Thanks!)

---
 src/sensor/SDL_sensor.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/sensor/SDL_sensor.c b/src/sensor/SDL_sensor.c
index 9caaf6f6f..467374b22 100644
--- a/src/sensor/SDL_sensor.c
+++ b/src/sensor/SDL_sensor.c
@@ -503,7 +503,7 @@ void
 SDL_SensorUpdate(void)
 {
     int i;
-    SDL_Sensor *sensor;
+    SDL_Sensor *sensor, *next;
 
     if (!SDL_WasInit(SDL_INIT_SENSOR)) {
         return;
@@ -531,7 +531,8 @@ SDL_SensorUpdate(void)
     SDL_updating_sensor = SDL_FALSE;
 
     /* If any sensors were closed while updating, free them here */
-    for (sensor = SDL_sensors; sensor; sensor = sensor->next) {
+    for (sensor = SDL_sensors; sensor; sensor = next) {
+        next = sensor->next;
         if (sensor->ref_count <= 0) {
             SDL_SensorClose(sensor);
         }