88882 – hud_context.c: possible NULL-pointer dereference

Bug 88882 - hud_context.c: possible NULL-pointer dereference

Summary: hud_context.c: possible NULL-pointer dereference

Status:	RESOLVED FIXED

Alias:	None

Product:	Mesa
Classification:	Unclassified
Component:	Drivers/Gallium/radeonsi (show other bugs)
Version:	git
Hardware:	Other All

Importance:	medium normal
Assignee:	Default DRI bug account
QA Contact:	Default DRI bug account

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2015-01-30 21:11 UTC by Heinrich Schuchardt
Modified:	2015-10-17 17:07 UTC (History)
CC List:	0 users

See Also:
i915 platform:
i915 features:

Attachments

Description Heinrich Schuchardt 2015-01-30 21:11:42 UTC

In
mesa/src/gallium/auxiliary/hud/hud_context.c
we find the following code

      case ',':
         env++;
         y += height + hud->font.glyph_height * (pane->num_graphs + 2);

         if (pane && pane->num_graphs) {
            LIST_ADDTAIL(&pane->head, &hud->pane_list);
            pane = NULL;
         }
         break;

pane is checked for being NULL. So obviously we expect NULL as possible value.
But we use pane->num_graphs before the check. This is possibly a NULL-pointer dereference.

The problem was indicated by cppcheck
http://cppcheck.sourceforge.net/

Best regards

Heinrich Schuchardt

Comment 1 Marek Olšák 2015-10-17 17:07:07 UTC

Fixed by 006fcc0da674ca18ebf07771e3c309997ab32798.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.