[Mesa-dev] [Bug 99677] heap-use-after-free in glsl
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Tue Feb 7 08:46:44 UTC 2017
https://bugs.freedesktop.org/show_bug.cgi?id=99677
--- Comment #3 from Samuel Iglesias <siglesias at igalia.com> ---
(In reply to Bartosz Tomczyk from comment #2)
> Hi Samuel,
>
> I don't have setup to reproduce it right now. I will update you will more
> details in the evening.
>
> But I looked at current mesa git and the bug is definitively there.
>
> Look at src/compiler/glsl/ast_to_hir.cpp:5210 - function
> get_variable_being_redeclared can free 'var', and then it could be
> dereferenced at src/compiler/glsl/ast_to_hir.cpp:5266. This is exactly what
> address sanitizer showed.
Right. Thanks!
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/mesa-dev/attachments/20170207/7e7c7715/attachment.html>
More information about the mesa-dev
mailing list