[virglrenderer-devel] [PATCH virglrenderer] shader: avoid use after free
marcandre.lureau at redhat.com
marcandre.lureau at redhat.com
Fri Mar 18 22:18:17 UTC 2016
From: Marc-André Lureau <marcandre.lureau at redhat.com>
If the shader failed to be finished, it should be removed from the
hashtable if it was already inserted. Use the goto error path in this
case to handle shader destroy and prevent potential later lookup of
invalid shader from the hashtable.
Signed-off-by: Marc-André Lureau <marcandre.lureau at redhat.com>
---
src/vrend_renderer.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/vrend_renderer.c b/src/vrend_renderer.c
index d652da5..1249193 100644
--- a/src/vrend_renderer.c
+++ b/src/vrend_renderer.c
@@ -2147,7 +2147,6 @@ static int vrend_finish_shader(struct vrend_context *ctx,
r = vrend_shader_select(ctx, sel, NULL);
if (r) {
- vrend_destroy_shader_selector(sel);
return EINVAL;
}
return 0;
@@ -2247,9 +2246,11 @@ int vrend_create_shader(struct vrend_context *ctx,
goto error;
}
- if (vrend_finish_shader(ctx, sel, tokens))
- new_shader = false;
- else {
+ if (vrend_finish_shader(ctx, sel, tokens)) {
+ free(tokens);
+ ret = EINVAL;
+ goto error;
+ } else {
free(sel->tmp_buf);
sel->tmp_buf = NULL;
}
--
2.5.0
More information about the virglrenderer-devel
mailing list