[Mesa-dev] [PATCH 1/2] util: add some defensive coding in u_upload_alloc()

[Brian Paul]

Some callers of this function were checking the 'ptr' result to see if
the function failed.  But the correct way is to check the regular
return value for PIPE_ERROR_x.  Now we initialize all the returned
values at the top of the function in case we do hit an error (like OOM).

Callers are more likely to detect OOM conditions now.  But there
are some callers which don't do any error checking...
---
 src/gallium/auxiliary/util/u_upload_mgr.c |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/src/gallium/auxiliary/util/u_upload_mgr.c b/src/gallium/auxiliary/util/u_upload_mgr.c
index ee1c688..47d39af 100644
--- a/src/gallium/auxiliary/util/u_upload_mgr.c
+++ b/src/gallium/auxiliary/util/u_upload_mgr.c
@@ -163,6 +163,13 @@ enum pipe_error u_upload_alloc( struct u_upload_mgr *upload,
    unsigned alloc_offset = align(min_out_offset, upload->alignment);
    unsigned offset;
 
+   /* Init these return values here in case we fail below to make
+    * sure the caller doesn't get garbage values.
+    */
+   *out_offset = ~0;
+   *outbuf = NULL;
+   *ptr = NULL;
+
    /* Make sure we have enough space in the upload buffer
     * for the sub-allocation. */
    if (MAX2(upload->offset, alloc_offset) + alloc_size > upload->size) {
@@ -183,7 +190,6 @@ enum pipe_error u_upload_alloc( struct u_upload_mgr *upload,
 					  &upload->transfer);
       if (!upload->map) {
          pipe_resource_reference(outbuf, NULL);
-         *ptr = NULL;
          upload->transfer = NULL;
          return PIPE_ERROR_OUT_OF_MEMORY;
       }
-- 
1.7.3.4