[Mesa-dev] [Bug 57372] New: x11-libs/libxcb media-libs/mesa segfault in __glXGetString

Wed Nov 21 06:38:47 PST 2012

https://bugs.freedesktop.org/show_bug.cgi?id=57372

          Priority: medium
            Bug ID: 57372
          Assignee: mesa-dev at lists.freedesktop.org
           Summary: x11-libs/libxcb media-libs/mesa segfault in
                    __glXGetString
          Severity: normal
    Classification: Unclassified
                OS: Linux (All)
          Reporter: rich0 at gentoo.org
          Hardware: x86-64 (AMD64)
            Status: NEW
           Version: 9.0
         Component: GLX
           Product: Mesa

Created attachment 70371
  --> https://bugs.freedesktop.org/attachment.cgi?id=70371&action=edit
backtrace

Downstream bug:
https://bugs.gentoo.org/show_bug.cgi?id=444159

I'm getting a segfault in libxcb, which seems to be the result of calling
xcb_glx_get_string_string_length with a null parameter in __glXGetString.  The
call into mesa originates in qt-opengl, called from the application sleepyhead.

Full backtrace attached - happy to generate additional info as required.

I couldn't find documentation concerning error handling in these functions, so
I'm not sure what point in the call chain is considered at-fault for passing
along bad input.  I did note that __glXGetString does not check the value of
reply before passing it along, which might or might not be intended.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/mesa-dev/attachments/20121121/a21fa67c/attachment.html>