Hello community, here is the log from the commit of package Mesa for openSUSE:Factory checked in at 2016-05-23 17:30:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/Mesa (Old) and /work/SRC/openSUSE:Factory/.Mesa.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "Mesa" Changes: -------- --- /work/SRC/openSUSE:Factory/Mesa/Mesa.changes 2016-05-17 17:07:07.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.Mesa.new/Mesa.changes 2016-05-23 17:30:12.000000000 +0200 @@ -1,0 +2,6 @@ +Wed May 18 17:01:35 UTC 2016 - [email protected] + +- u_glxcmds-glXGetFBConfigs-fix-screen-bounds.patch: + Fix crash due to oud of founds screen (boo#980382). + +------------------------------------------------------------------- New: ---- u_glxcmds-glXGetFBConfigs-fix-screen-bounds.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ Mesa.spec ++++++ --- /var/tmp/diff_new_pack.eI9DSt/_old 2016-05-23 17:30:13.000000000 +0200 +++ /var/tmp/diff_new_pack.eI9DSt/_new 2016-05-23 17:30:13.000000000 +0200 @@ -69,6 +69,7 @@ Patch18: n_VDPAU-XVMC-libs-Replace-hardlinks-with-copies.patch # Already upstream Patch21: n_Define-GLAPIVAR-separate-from-GLAPI.patch +Patch22: u_glxcmds-glXGetFBConfigs-fix-screen-bounds.patch BuildRequires: autoconf >= 2.60 BuildRequires: automake @@ -562,6 +563,7 @@ %patch17 -p1 %patch18 -p1 %patch21 -p1 +%patch22 -p1 %build %if 0%{?suse_version} >= 1310 ++++++ u_glxcmds-glXGetFBConfigs-fix-screen-bounds.patch ++++++ From: Jiri Slaby <[email protected]> Date: Tue May 17 08:22:42 2016 +0200 Subject: glxcmds: glXGetFBConfigs, fix screen bounds Patch-mainline: Not yet Git-repo: git://anongit.freedesktop.org/git/mesa/mesa Git-commit: 6aaa258229ec09f84ca51a728e125009ecee2d16 References: boo#980382 Bounds of screen are 0 (inclusive) and ScreenCount(dpy) (exclusive). The upper bound was too high: ScreenCount(dpy) (inclusive). This causes a crash invoked by java3d which passes down an invalid screen: 6 0x00007f0e5198ba70 in <signal handler called> () at /lib64/libc.so.6 7 0x00007f0e14531e14 in glXGetFBConfigs (dpy=<optimized out>, screen=1, nelements=nelements@entry=0x7f0dab3c522c) at glxcmds.c:1660 8 0x00007f0e14532f7f in glXChooseFBConfig (dpy=<optimized out>, screen=<optimized out>, attribList=0x7f0dab3c54e0, nitems=0x7f0dab3c535c) at glxcmds.c:1611 9 0x00007f0e1478d29b in find_S_FBConfigs () at /usr/lib64/libj3dcore-ogl.so 10 0x00007f0e1478d3dc in find_S_S_FBConfigs () at /usr/lib64/libj3dcore-ogl.so 11 0x00007f0e1478d567 in find_AA_S_S_FBConfigs () at /usr/lib64/libj3dcore-ogl.so 12 0x00007f0e1478d728 in find_DB_AA_S_S_FBConfigs () at /usr/lib64/libj3dcore-ogl.so 13 0x00007f0e1478d97c in Java_javax_media_j3d_X11NativeConfigTemplate3D_chooseOglVisual () at /usr/lib64/libj3dcore-ogl.so While ScreenCount(dpy) is actually 1: (gdb) p dpy->nscreens $2 = 1 screen=1 is passed to glXGetFBConfigs. Easily reproducible by: #include <stdio.h> #include <X11/Xlib.h> #include <GL/glx.h> int main() { unsigned a; int n; Display *d = XOpenDisplay(":0"); GLXFBConfig *cfg; for (a = 0; a <= ScreenCount(d); a++) cfg = glXGetFBConfigs(d, a, &n); XCloseDisplay(d); return 0; } Fix this typo in glXGetFBConfigs. Signed-off-by: Jiri Slaby <[email protected]> Cc: <[email protected]> Signed-off-by: Egbert Eich <[email protected]> --- src/glx/glxcmds.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/glx/glxcmds.c b/src/glx/glxcmds.c index 63f4921..46bc214 100644 --- a/src/glx/glxcmds.c +++ b/src/glx/glxcmds.c @@ -1657,7 +1657,7 @@ glXGetFBConfigs(Display * dpy, int screen, int *nelements) *nelements = 0; if (priv && (priv->screens != NULL) - && (screen >= 0) && (screen <= ScreenCount(dpy)) + && (screen >= 0) && (screen < ScreenCount(dpy)) && (priv->screens[screen]->configs != NULL) && (priv->screens[screen]->configs->fbconfigID != (int) GLX_DONT_CARE)) {
