[Mesa-dev] [PATCH] egl: Fix crashes in eglCreate*Surface()

Chad Versace chadversary at chromium.org
Wed Dec 14 20:01:25 UTC 2016


On Wed 14 Dec 2016, Emil Velikov wrote:
> On 13 December 2016 at 22:40, Chad Versace <chadversary at chromium.org> wrote:
> > Don't dereference a null EGLDisplay.
> >
> > Fixes tests
> >   dEQP-EGL.functional.negative_api.create_pbuffer_surface
> >   dEQP-EGL.functional.negative_api.create_pixmap_surface
> >
> > Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=99038
> > ---
> >  src/egl/main/eglapi.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/src/egl/main/eglapi.c b/src/egl/main/eglapi.c
> > index 33d562042f..a349992c46 100644
> > --- a/src/egl/main/eglapi.c
> > +++ b/src/egl/main/eglapi.c
> > @@ -856,7 +856,7 @@ _eglCreateWindowSurfaceCommon(_EGLDisplay *disp, EGLConfig config,
> >        RETURN_EGL_ERROR(disp, EGL_BAD_NATIVE_WINDOW, EGL_NO_SURFACE);
> >
> >  #ifdef HAVE_SURFACELESS_PLATFORM
> > -   if (disp->Platform == _EGL_PLATFORM_SURFACELESS) {
> > +   if (disp && disp->Platform == _EGL_PLATFORM_SURFACELESS) {
> >        /* From the EGL_MESA_platform_surfaceless spec (v1):
> >         *
> >         *    eglCreatePlatformWindowSurface fails when called with a <display>
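
Review bot: The `disp &&` guard in `_eglCreateWindowSurfaceCommon` comes after the context line `RETURN_EGL_ERROR(disp, EGL_BAD_NATIVE_WINDOW, EGL_NO_SURFACE);`, which already receives the same unchecked `disp`. Please confirm that this earlier path is safe with a null display and that it does not report EGL_BAD_NATIVE_WINDOW where EGL_BAD_DISPLAY is expected. The commit message also lists only the create_pbuffer_surface and create_pixmap_surface tests, while this hunk is in the window-surface path, so it would help to say in the message which test covers this change.
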
> > @@ -977,7 +977,7 @@ _eglCreatePixmapSurfaceCommon(_EGLDisplay *disp, EGLConfig config,
> >     EGLSurface ret;
> >
> >  #if HAVE_SURFACELESS_PLATFORM
> > -   if (disp->Platform == _EGL_PLATFORM_SURFACELESS) {
> > +   if (disp && disp->Platform == _EGL_PLATFORM_SURFACELESS) {
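
Review bot: In `_eglCreatePixmapSurfaceCommon` the `disp &&` guard lets a null display fall through the surfaceless block silently, and nothing in the hunk shows where it is then rejected. A one-line comment above the `if` naming the later check that emits EGL_BAD_DISPLAY would make that dependency explicit. As a style point, the context line here uses `#if HAVE_SURFACELESS_PLATFORM` while the first hunk uses `#ifdef HAVE_SURFACELESS_PLATFORM`; the two should use the same form.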

> Afaict we want to return EGL_FALSE + EGL_BAD_DISPLAY, right?

We do want to emit EGL_BAD_DISPLAY. And the code will do that if disp is
null. Below my hunks is a call to _EGL_CHECK_CONFIG(disp, ...), which
emits EGL_BAD_DISPLAY in that case.

We must return EGL_NO_SURFACE, not EGL_FALSE, due to the function's
return type. Again, _EGL_CHECK_CONFIG() handles that correctly.

