[Mesa-dev] [PATCH 1/4] glsl: Fix hypothetical NULL dereference in ast_process_structure_or_interface_block
Ian Romanick
idr at freedesktop.org
Tue Apr 9 16:59:19 PDT 2013
From: Ian Romanick <ian.d.romanick at intel.com>
Fixes issue identified by Klocwork analysis:
Pointer 'field_type' returned from call to function 'glsl_type' at
line 4126 may be NULL and may be dereferenced at line 4139. Also
there are 2 similar errors on line(s) 4165, 4174.
In practice, it should be impossible to actually get NULL in here
because a syntax error would have already caused compilation to halt.
Signed-off-by: Ian Romanick <ian.d.romanick at intel.com>
---
src/glsl/ast_to_hir.cpp | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/glsl/ast_to_hir.cpp b/src/glsl/ast_to_hir.cpp
index a1b4ee7..00563f3 100644
--- a/src/glsl/ast_to_hir.cpp
+++ b/src/glsl/ast_to_hir.cpp
@@ -4009,8 +4009,14 @@ ast_process_structure_or_interface_block(exec_list *instructions,
* blocks. All other types, arrays, and structures
* allowed for uniforms are allowed within a uniform
* block."
+ *
+ * It should be impossible for decl_type to be NULL here. Cases that
+ * might naturally lead to decl_type being NULL, especially for the
+ * is_interface case, will have resulted in compilation having
+ * already halted due to a syntax error.
*/
- const struct glsl_type *field_type = decl_type;
+ const struct glsl_type *field_type =
+ decl_type != NULL ? decl_type : glsl_type::error_type;
if (is_interface && field_type->contains_sampler()) {
YYLTYPE loc = decl_list->get_location();
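Review bot: The fallback at the `field_type` initializer turns a NULL `decl_type` into `glsl_type::error_type` without any diagnostic, so a violation of the invariant the new comment describes would go unnoticed. Since the comment states the NULL case should be impossible, consider adding `assert(decl_type != NULL);` ahead of the initializer so debug builds catch it, and keep the ternary as the release-build safety net. It would also help to say in the comment that the fallback exists to satisfy static analysis, so a later reader does not take it for a reachable path.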
@@ -4033,8 +4039,7 @@ ast_process_structure_or_interface_block(exec_list *instructions,
field_type = process_array_type(&loc, decl_type, decl->array_size,
state);
}
- fields[i].type = (field_type != NULL)
- ? field_type : glsl_type::error_type;
+ fields[i].type = field_type;
fields[i].name = decl->identifier;
if (qual->flags.q.row_major || qual->flags.q.column_major) {
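Review bot: Dropping the NULL check on `fields[i].type` is only safe on the non-array path. In the context above it, `process_array_type(&loc, decl_type, decl->array_size, state)` still receives the raw `decl_type` rather than the guarded `field_type`, and its return value overwrites `field_type` with nothing checking it afterwards. Unless `process_array_type` is known to accept a NULL base type and to never return NULL, pass `field_type` to it instead of `decl_type`, or keep a check after the call.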
--
1.8.1.4