[Mesa-dev] [PATCH] mesa/st: Fix NULL access if no fragment shader is bound
Miklós Máté
mtmkls at gmail.com
Mon Mar 28 16:05:14 UTC 2016
On 03/28/2016 05:01 PM, Bas Nieuwenhuizen wrote:
> Signed-off-by: Bas Nieuwenhuizen <bas at basnieuwenhuizen.nl>
> ---
> src/mesa/state_tracker/st_atom_constbuf.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/src/mesa/state_tracker/st_atom_constbuf.c b/src/mesa/state_tracker/st_atom_constbuf.c
> index 4d9b344..a980dbe 100644
> --- a/src/mesa/state_tracker/st_atom_constbuf.c
> +++ b/src/mesa/state_tracker/st_atom_constbuf.c
> @@ -65,8 +65,8 @@ void st_upload_constants( struct st_context *st,
> shader_type == PIPE_SHADER_COMPUTE);
>
> /* update the ATI constants before rendering */
> - struct ati_fragment_shader *ati_fs = st->fp->ati_fs;
> - if (shader_type == PIPE_SHADER_FRAGMENT && ati_fs) {
> + if (shader_type == PIPE_SHADER_FRAGMENT && st->fp->ati_fs) {
> + struct ati_fragment_shader *ati_fs = st->fp->ati_fs;
> unsigned c;
>
> for (c = 0; c < MAX_NUM_FRAGMENT_CONSTANTS_ATI; c++) {
Could you please provide a test program that demonstrates the NULL
access? AFAIK st->fp is either a user-supplied
shader or a shader that implements the fixed-function fragment
operation, and I don't know how it could be NULL.
BTW if st->fp is NULL, then this segfaults even after your change.
MM
More information about the mesa-dev
mailing list