[Mesa-dev] [PATCH] egl/x11: avoid using freed memory if dri2 init fails
Nicolas Boichat
drinkcat at chromium.org
Thu Aug 4 02:13:25 UTC 2016
Thanks! See also related series here, which fixes the other platforms:
https://lists.freedesktop.org/archives/mesa-dev/2016-August/125147.html
On Sun, Jul 31, 2016 at 9:44 PM, Jan Ziak <0xe2.0x9a.0x9b at gmail.com> wrote:
> Found with valgrind:
>
> ==4841== Invalid read of size 4
> ==4841== at 0x56BDC80: dri2_initialize (egl_dri2.c:783)
> ==4841== by 0x56BAFE5: _eglMatchAndInitialize (egldriver.c:261)
> ==4841== by 0x56BB15E: _eglMatchDriver (egldriver.c:295)
> ==4841== by 0x56B58C9: eglInitialize (eglapi.c:480)
> ==4841== by 0x4F537DC: _glfwInitEGL (in /usr/lib64/libglfw.so.3.2)
> ==4841== by 0x4F4BEFB: _glfwPlatformInit (in /usr/lib64/libglfw.so.3.2)
> ==4841== by 0x4F46F40: glfwInit (in /usr/lib64/libglfw.so.3.2)
> ==4841== by 0x402E59: main
> ==4841== Address 0x6a05824 is 148 bytes inside a block of size 480 free'd
> ==4841== at 0x4C2B680: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==4841== by 0x56C2AAE: dri2_initialize_x11_swrast (platform_x11.c:1233)
> ==4841== by 0x56C2AAE: dri2_initialize_x11 (platform_x11.c:1493)
> ==4841== by 0x56BDCEB: dri2_initialize (egl_dri2.c:805)
> ==4841== by 0x56BAFAF: _eglMatchAndInitialize (egldriver.c:261)
> ==4841== by 0x56BB0C9: _eglMatchDriver (egldriver.c:292)
> ==4841== by 0x56B58C9: eglInitialize (eglapi.c:480)
> ==4841== by 0x4F537DC: _glfwInitEGL (in /usr/lib64/libglfw.so.3.2)
> ==4841== by 0x4F4BEFB: _glfwPlatformInit (in /usr/lib64/libglfw.so.3.2)
> ==4841== by 0x4F46F40: glfwInit (in /usr/lib64/libglfw.so.3.2)
> ==4841== by 0x402E59: main
> ==4841== Block was alloc'd at
> ==4841== at 0x4C2A868: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==4841== by 0x56C2A47: dri2_initialize_x11_swrast (platform_x11.c:1171)
> ==4841== by 0x56C2A47: dri2_initialize_x11 (platform_x11.c:1493)
> ==4841== by 0x56BDCEB: dri2_initialize (egl_dri2.c:805)
> ==4841== by 0x56BAFAF: _eglMatchAndInitialize (egldriver.c:261)
> ==4841== by 0x56BB0C9: _eglMatchDriver (egldriver.c:292)
> ==4841== by 0x56B58C9: eglInitialize (eglapi.c:480)
> ==4841== by 0x4F537DC: _glfwInitEGL (in /usr/lib64/libglfw.so.3.2)
> ==4841== by 0x4F4BEFB: _glfwPlatformInit (in /usr/lib64/libglfw.so.3.2)
> ==4841== by 0x4F46F40: glfwInit (in /usr/lib64/libglfw.so.3.2)
> ==4841== by 0x402E59: main
>
> Signed-off-by: Jan Ziak (http://atom-symbol.net) <0xe2.0x9a.0x9b at gmail.com>
Fixes: 9ee683f877 (egl/dri2: Add reference count for dri2_egl_display)
Cc: "12.0" <mesa-stable at lists.freedesktop.org>
Reviewed-by: Nicolas Boichat <drinkcat at chromium.org>
> ---
> src/egl/drivers/dri2/platform_x11.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/src/egl/drivers/dri2/platform_x11.c b/src/egl/drivers/dri2/platform_x11.c
> index c0a4005..686552c 100644
> --- a/src/egl/drivers/dri2/platform_x11.c
> +++ b/src/egl/drivers/dri2/platform_x11.c
> @@ -1231,6 +1231,7 @@ dri2_initialize_x11_swrast(_EGLDriver *drv, _EGLDisplay *disp)
> xcb_disconnect(dri2_dpy->conn);
> cleanup_dpy:
> free(dri2_dpy);
> + disp->DriverData = NULL;
>
> return EGL_FALSE;
> }
> @@ -1370,6 +1371,7 @@ dri2_initialize_x11_dri3(_EGLDriver *drv, _EGLDisplay *disp)
> xcb_disconnect(dri2_dpy->conn);
> cleanup_dpy:
> free(dri2_dpy);
> + disp->DriverData = NULL;
>
> return EGL_FALSE;
> }
> @@ -1467,6 +1469,7 @@ dri2_initialize_x11_dri2(_EGLDriver *drv, _EGLDisplay *disp)
> xcb_disconnect(dri2_dpy->conn);
> cleanup_dpy:
> free(dri2_dpy);
> + disp->DriverData = NULL;
>
> return EGL_FALSE;
> }
> _______________________________________________
> mesa-dev mailing list
> mesa-dev at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/mesa-dev
More information about the mesa-dev
mailing list