From: Emil Velikov <[email protected]> Currently, if we error out before gbm_dri is set (say due to a different name of the backing GBM implementation, or otherwise) the tear down will trigger a NULL ptr deref and crash out.
Move the gbm_dri initialization as early as possible. To be on the extra safe side add a NULL check in the teardown. Reported-by: Christian Gmeiner <[email protected]> Cc: Christian Gmeiner <[email protected]> Cc: Eric Engestrom <[email protected]> Cc: [email protected] Signed-off-by: Emil Velikov <[email protected]> --- Supersedes https://gitlab.freedesktop.org/mesa/mesa/merge_requests/1182 --- src/egl/drivers/dri2/platform_drm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/egl/drivers/dri2/platform_drm.c b/src/egl/drivers/dri2/platform_drm.c index a811834114d..3e2124ad39c 100644 --- a/src/egl/drivers/dri2/platform_drm.c +++ b/src/egl/drivers/dri2/platform_drm.c @@ -704,6 +704,7 @@ dri2_initialize_drm(_EGLDisplay *disp) goto cleanup; } } + dri2_dpy->gbm_dri = gbm_dri_device(gbm); if (strcmp(gbm_device_get_backend_name(gbm), "drm") != 0) { err = "DRI2: gbm device using incorrect/incompatible backend"; @@ -718,7 +719,6 @@ dri2_initialize_drm(_EGLDisplay *disp) disp->Device = dev; - dri2_dpy->gbm_dri = gbm_dri_device(gbm); dri2_dpy->driver_name = strdup(dri2_dpy->gbm_dri->driver_name); dri2_dpy->dri_screen = dri2_dpy->gbm_dri->screen; @@ -777,6 +777,6 @@ cleanup: void dri2_teardown_drm(struct dri2_egl_display *dri2_dpy) { - if (dri2_dpy->own_device) + if (dri2_dpy->own_device && dri2_dpy->gbm_dri) gbm_device_destroy(&dri2_dpy->gbm_dri->base); } -- 2.21.0 _______________________________________________ mesa-dev mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/mesa-dev
