[Mesa-dev] [PATCH] svga: Prevent use after free.
Emil Velikov
emil.l.velikov at gmail.com
Mon Jan 22 15:44:38 UTC 2018
On 22 January 2018 at 15:13, Jose Fonseca <jfonseca at vmware.com> wrote:
> Courtesy of clang static analyzer.
>
> I was hunting for potential sources of memory corruption using Mesa with
> a GL trace, and happened to find this (unrelated) issue.
> ---
> src/gallium/drivers/svga/svga_context.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/src/gallium/drivers/svga/svga_context.c b/src/gallium/drivers/svga/svga_context.c
> index 546b9f48b1..af16a99b72 100644
> --- a/src/gallium/drivers/svga/svga_context.c
> +++ b/src/gallium/drivers/svga/svga_context.c
> @@ -327,6 +327,7 @@ cleanup:
> util_bitmask_destroy(svga->stream_output_id_bm);
> util_bitmask_destroy(svga->query_id_bm);
> FREE(svga);
> + svga = NULL;
>
> done:
> SVGA_STATS_TIME_POP(svgascreen->sws);
Seems like the most important line is just outside of context. Namely:
return svga ? &svga->pipe:NULL;
Cc: mesa-stable at lists.freedesktop.org
Reviewed-by: Emil Velikov <emil.l.velikov at gmail.com>
-Emil
More information about the mesa-dev
mailing list