check_mysql_query: Implement the use-after-free patch suggested in #602

NEWS

@@ -7,6 +7,7 @@ This file documents the major additions and syntax changes between releases.
 	check_http: Add -o option (Append page body as performance data) (#615) (Tobias Leich)
 	check_log: Fix error message for systems that don't use bash (#539)
 	check_log: Fix linebreaks in documentation (#621) (Matt Capra)
+	check_mysql_query: Fix use-after-free (#602) (Simon F)
 	check_icmp: Add -f and -F perfdata options (#567)
 	check_ifstatus: Add -d option (exclude interfaces by description regexp) (#548) (Alexandre Anriot)
 	check_smtp: Add support for SMTP over TLS (#565) (Franz Schwartau)

THANKS.in

@@ -368,6 +368,7 @@ Sebastien Guay
 Serhan Kiymaz
 Shawn Wills
 Simon Bellwood
+Simon F (bratkartoffel)
 Simon Kainz
 Simon L Nielsen
 Simon Meggle

plugins/check_mysql_query.c

@@ -143,18 +143,18 @@ main (int argc, char **argv)
 		die (STATE_CRITICAL, "QUERY %s: Fetch row error - %s\n", _("CRITICAL"), error);
 	}
 
-	/* free the result */
-	mysql_free_result (res);
-
-	/* close the connection */
-	mysql_close (&mysql);
-
 	if (! is_numeric(row[0])) {
 		die (STATE_CRITICAL, "QUERY %s: %s - '%s'\n", _("CRITICAL"), _("Is not a numeric"), row[0]);
 	}
 
 	value = strtod(row[0], NULL);
 
+	/* free the result */
+	mysql_free_result (res);
+
+	/* close the connection */
+	mysql_close (&mysql);
+
 	if (verbose >= 3)
 		printf("mysql result: %f\n", value);