[Mesa-dev] [PATCH 06/11] glsl: Check realloc return value in ir_function::matching_signature()

Juha-Pekka Heikkila juhapekka.heikkila at gmail.com
Thu Sep 18 03:26:52 PDT 2014 

On 10.09.2014 00:59, Anuj Phogat wrote:
> On Mon, Sep 8, 2014 at 11:53 PM, Juha-Pekka Heikkila
> <juhapekka.heikkila at gmail.com> wrote:
>> Signed-off-by: Juha-Pekka Heikkila <juhapekka.heikkila at gmail.com>
>> ---
>>  src/glsl/ir_function.cpp | 11 +++++++++--
>>  1 file changed, 9 insertions(+), 2 deletions(-)
>>
>> diff --git a/src/glsl/ir_function.cpp b/src/glsl/ir_function.cpp
>> index 98bec45..2b2643c 100644
>> --- a/src/glsl/ir_function.cpp
>> +++ b/src/glsl/ir_function.cpp
>> @@ -24,6 +24,7 @@
>>  #include "glsl_types.h"
>>  #include "ir.h"
>>  #include "glsl_parser_extras.h"
>> +#include "main/errors.h"
>>
>>  typedef enum {
>>     PARAMETER_LIST_NO_MATCH,
>> @@ -296,6 +297,7 @@ ir_function::matching_signature(_mesa_glsl_parse_state *state,
>>                                  bool *is_exact)
>>  {
>>     ir_function_signature **inexact_matches = NULL;
>> +   ir_function_signature **inexact_matches_temp;
>>     ir_function_signature *match = NULL;
>>     int num_inexact_matches = 0;
>>
>> @@ -321,11 +323,16 @@ ir_function::matching_signature(_mesa_glsl_parse_state *state,
>>           free(inexact_matches);
>>           return sig;
>>        case PARAMETER_LIST_INEXACT_MATCH:
>> -         inexact_matches = (ir_function_signature **)
>> +         inexact_matches_temp = (ir_function_signature **)
>>                 realloc(inexact_matches,
>>                         sizeof(*inexact_matches) *
>>                         (num_inexact_matches + 1));
>> -         assert(inexact_matches);
>> +         if (inexact_matches_temp == NULL) {
>> +            _mesa_error_no_memory(__func__);
>> +            free(inexact_matches);
> This free is not required. inexact_matches is null.

Why is inexact matches null? This reallocation is inside
foreach_in_list{..} and the amount of inexact matches is counted with
num_inexact_matches variable. If we're not getting the null from realloc
on the first run inexact_matches would have valid pointer.

>> +            return NULL;
>> +         }
>> +         inexact_matches = inexact_matches_temp;
>>           inexact_matches[num_inexact_matches++] = sig;
>>           continue;
>>        case PARAMETER_LIST_NO_MATCH:
>> --
>> 1.8.5.1
>>
>> _______________________________________________
>> mesa-dev mailing list
>> mesa-dev at lists.freedesktop.org
>> http://lists.freedesktop.org/mailman/listinfo/mesa-dev

More information about the mesa-dev mailing list