[Mesa-dev] [Bug 81992] mapi_stub->name points to caller memory leads heap-use-after-free bug
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Wed Mar 18 22:51:33 PDT 2015
https://bugs.freedesktop.org/show_bug.cgi?id=81992
--- Comment #1 from comicfans44 <comicfans44 at gmail.com> ---
Qt OpenGL use dynamic allocated memory to test GL extensions.
this bug makes every Qt OpenGL app memory corrupted.
I'm not sure a simple strdup is the correct way
(maybe leak instead of memory corrupt).
with this patch, use-heap-after-free didn't happen anyway.
diff -Npru mesa-20150314.orig/src/mapi/stub.c mesa-20150314/src/mapi/stub.c
--- mesa-20150314.orig/src/mapi/stub.c 2015-03-14 07:32:12.000000000 +0800
+++ mesa-20150314/src/mapi/stub.c 2015-03-16 10:02:46.860273804 +0800
@@ -110,7 +110,7 @@ stub_add_dynamic(const char *name)
if (!stub->addr)
return NULL;
- stub->name = (const void *) name;
+ stub->name = strdup(name);
/* to be fixed later */
stub->slot = -1;
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/mesa-dev/attachments/20150319/a910ef87/attachment.html>
More information about the mesa-dev
mailing list