Mesa (master): egl/x11: avoid using freed memory if dri2 init fails

Mon, 15 Aug 2016 11:05:12 -0700 

Module: Mesa
Branch: master
Commit: 769ac1ec78e5bc52191ef0393e4702945bbacaa9
URL:    
http://cgit.freedesktop.org/mesa/mesa/commit/?id=769ac1ec78e5bc52191ef0393e4702945bbacaa9

Author: Jan Ziak <[email protected]>
Date:   Sun Jul 31 15:44:18 2016 +0200

egl/x11: avoid using freed memory if dri2 init fails

Found with valgrind:

==4841== Invalid read of size 4
==4841==    at 0x56BDC80: dri2_initialize (egl_dri2.c:783)
==4841==    by 0x56BAFE5: _eglMatchAndInitialize (egldriver.c:261)
==4841==    by 0x56BB15E: _eglMatchDriver (egldriver.c:295)
==4841==    by 0x56B58C9: eglInitialize (eglapi.c:480)
==4841==    by 0x4F537DC: _glfwInitEGL (in /usr/lib64/libglfw.so.3.2)
==4841==    by 0x4F4BEFB: _glfwPlatformInit (in /usr/lib64/libglfw.so.3.2)
==4841==    by 0x4F46F40: glfwInit (in /usr/lib64/libglfw.so.3.2)
==4841==    by 0x402E59: main
==4841==  Address 0x6a05824 is 148 bytes inside a block of size 480 free'd
==4841==    at 0x4C2B680: free (in 
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==4841==    by 0x56C2AAE: dri2_initialize_x11_swrast (platform_x11.c:1233)
==4841==    by 0x56C2AAE: dri2_initialize_x11 (platform_x11.c:1493)
==4841==    by 0x56BDCEB: dri2_initialize (egl_dri2.c:805)
==4841==    by 0x56BAFAF: _eglMatchAndInitialize (egldriver.c:261)
==4841==    by 0x56BB0C9: _eglMatchDriver (egldriver.c:292)
==4841==    by 0x56B58C9: eglInitialize (eglapi.c:480)
==4841==    by 0x4F537DC: _glfwInitEGL (in /usr/lib64/libglfw.so.3.2)
==4841==    by 0x4F4BEFB: _glfwPlatformInit (in /usr/lib64/libglfw.so.3.2)
==4841==    by 0x4F46F40: glfwInit (in /usr/lib64/libglfw.so.3.2)
==4841==    by 0x402E59: main
==4841==  Block was alloc'd at
==4841==    at 0x4C2A868: calloc (in 
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==4841==    by 0x56C2A47: dri2_initialize_x11_swrast (platform_x11.c:1171)
==4841==    by 0x56C2A47: dri2_initialize_x11 (platform_x11.c:1493)
==4841==    by 0x56BDCEB: dri2_initialize (egl_dri2.c:805)
==4841==    by 0x56BAFAF: _eglMatchAndInitialize (egldriver.c:261)
==4841==    by 0x56BB0C9: _eglMatchDriver (egldriver.c:292)
==4841==    by 0x56B58C9: eglInitialize (eglapi.c:480)
==4841==    by 0x4F537DC: _glfwInitEGL (in /usr/lib64/libglfw.so.3.2)
==4841==    by 0x4F4BEFB: _glfwPlatformInit (in /usr/lib64/libglfw.so.3.2)
==4841==    by 0x4F46F40: glfwInit (in /usr/lib64/libglfw.so.3.2)
==4841==    by 0x402E59: main

Signed-off-by: Jan Ziak (http://atom-symbol.net) <[email protected]>
Fixes: 9ee683f877 (egl/dri2: Add reference count for dri2_egl_display)
Cc: "12.0" <[email protected]>
Reviewed-by: Nicolas Boichat <[email protected]>
Reviewed-by: Emil Velikov <[email protected]>

---

 src/egl/drivers/dri2/platform_x11.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/egl/drivers/dri2/platform_x11.c 
b/src/egl/drivers/dri2/platform_x11.c
index c0a4005..686552c 100644
--- a/src/egl/drivers/dri2/platform_x11.c
+++ b/src/egl/drivers/dri2/platform_x11.c
@@ -1231,6 +1231,7 @@ dri2_initialize_x11_swrast(_EGLDriver *drv, _EGLDisplay 
*disp)
       xcb_disconnect(dri2_dpy->conn);
  cleanup_dpy:
    free(dri2_dpy);
+   disp->DriverData = NULL;
 
    return EGL_FALSE;
 }
@@ -1370,6 +1371,7 @@ dri2_initialize_x11_dri3(_EGLDriver *drv, _EGLDisplay 
*disp)
       xcb_disconnect(dri2_dpy->conn);
  cleanup_dpy:
    free(dri2_dpy);
+   disp->DriverData = NULL;
 
    return EGL_FALSE;
 }
@@ -1467,6 +1469,7 @@ dri2_initialize_x11_dri2(_EGLDriver *drv, _EGLDisplay 
*disp)
       xcb_disconnect(dri2_dpy->conn);
  cleanup_dpy:
    free(dri2_dpy);
+   disp->DriverData = NULL;
 
    return EGL_FALSE;
 }

_______________________________________________
mesa-commit mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/mesa-commit

Reply via email to