[Mesa-dev] [PATCH 1/3] i965/drm: Fix dereference-before-NULL-check in brw_bo_unmap().
Kenneth Graunke
kenneth at whitecape.org
Thu Apr 13 06:33:12 UTC 2017
I introduced this when cleaning up this code. libdrm_intel was fine.
While passing NULL to free() is a common pattern...passing NULL to
unmap seems pretty bad. You really ought to know whether you have
a buffer or not. So, we could add an assert. Not sure whether
that's better. This takes the defensive plan of bailing early,
which is what libdrm_intel did originally.
CID: 1405006
---
src/mesa/drivers/dri/i965/brw_bufmgr.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/mesa/drivers/dri/i965/brw_bufmgr.c b/src/mesa/drivers/dri/i965/brw_bufmgr.c
index 8dda38d1262..fa7bf69a84e 100644
--- a/src/mesa/drivers/dri/i965/brw_bufmgr.c
+++ b/src/mesa/drivers/dri/i965/brw_bufmgr.c
@@ -826,12 +826,12 @@ brw_bo_map_unsynchronized(struct brw_context *brw, struct brw_bo *bo)
int
brw_bo_unmap(struct brw_bo *bo)
{
- struct brw_bufmgr *bufmgr = bo->bufmgr;
- int ret = 0;
-
if (bo == NULL)
return 0;
+ struct brw_bufmgr *bufmgr = bo->bufmgr;
+ int ret = 0;
+
pthread_mutex_lock(&bufmgr->lock);
if (bo->map_count <= 0) {
--
2.12.2
More information about the mesa-dev
mailing list