Crash in driGetConfigAttribIndex()

Dave Airlie airlied at gmail.com
Fri Aug 8 23:48:23 PDT 2008 

On Sat, Aug 9, 2008 at 2:57 PM, David Miller <davem at davemloft.net> wrote:
> From: David Miller <davem at davemloft.net>
> Date: Fri, 08 Aug 2008 16:40:42 -0700 (PDT)
>
>> For values that are GLboolean, this function does the wrong thing.
>> It's trying to dereference a pointer to a GLboolean as an
>> "unsigned int *" which won't work and in fact will get a SIGBUS
>> on platforms like sparc that require proper data alignment.
>>
>> In my case the X server crashes trying to fetch a
>> __DRI_ATTRIB_FLOAT_MODE value here.
>>
>> Perhaps these members simply need special handling in the switch
>> statement.
>
> There is the same exact issue in the xserver's DRI code,
> specifically glx/glxdricommon.c's createModeFromConfig.
>
> Here are two patches I am using which together seem to fix these
> problems.

Thanks Dave, applied to master and 1.5 X server and Mesa master.

Dave.

>
> The first is for MESA and the second is for the X server:
>
> ----------------------------------------
> diff --git a/src/mesa/drivers/dri/common/utils.c b/src/mesa/drivers/dri/common/utils.c
> index 7fbe0d8..b15a922 100644
> --- a/src/mesa/drivers/dri/common/utils.c
> +++ b/src/mesa/drivers/dri/common/utils.c
> @@ -836,6 +836,10 @@ driGetConfigAttribIndex(const __DRIconfig *config,
>     case __DRI_ATTRIB_SWAP_METHOD:
>        break;
>
> +    case __DRI_ATTRIB_FLOAT_MODE:
> +       *value = config->modes.floatMode;
> +       break;
> +
>     default:
>        *value = *(unsigned int *)
>            ((char *) &config->modes + attribMap[index].offset);
> ----------------------------------------
> diff --git a/glx/glxdricommon.c b/glx/glxdricommon.c
> index 13725ae..c02ba66 100644
> --- a/glx/glxdricommon.c
> +++ b/glx/glxdricommon.c
> @@ -164,6 +164,9 @@ createModeFromConfig(const __DRIcoreExtension *core,
>            if (value & __DRI_ATTRIB_TEXTURE_RECTANGLE_BIT)
>                config->config.bindToTextureTargets |= GLX_TEXTURE_RECTANGLE_BIT_EXT;
>            break;
> +       case __DRI_ATTRIB_FLOAT_MODE:
> +           config->config.floatMode = (value ? GL_TRUE : GL_FALSE);
> +           break;
>        default:
>            setScalar(&config->config, attrib, value);
>            break;
> --------------------
> _______________________________________________
> xorg mailing list
> xorg at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/xorg
>

More information about the xorg mailing list