From: Samuel Pitoiset Date: Wed, 24 Jun 2015 19:11:27 +0000 (+0200) Subject: gallium/hud: prevent NULL pointer dereference with pipe_query functions X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=b4b4406e1e8dcf577551087cc6eb068e5303efdf;p=mesa.git gallium/hud: prevent NULL pointer dereference with pipe_query functions The HUD doesn't check if query_create() fails and it calls other pipe_query functions with NULL pointer instead of a valid query object. Signed-off-by: Samuel Pitoiset Reviewed-by: Marek Olšák --- diff --git a/src/gallium/auxiliary/hud/hud_driver_query.c b/src/gallium/auxiliary/hud/hud_driver_query.c index 603aba7e8cd..ee71678e894 100644 --- a/src/gallium/auxiliary/hud/hud_driver_query.c +++ b/src/gallium/auxiliary/hud/hud_driver_query.c @@ -62,7 +62,8 @@ query_new_value(struct hud_graph *gr) uint64_t now = os_time_get(); if (info->last_time) { - pipe->end_query(pipe, info->query[info->head]); + if (info->query[info->head]) + pipe->end_query(pipe, info->query[info->head]); /* read query results */ while (1) { @@ -70,7 +71,7 @@ query_new_value(struct hud_graph *gr) union pipe_query_result result; uint64_t *res64 = (uint64_t *)&result; - if (pipe->get_query_result(pipe, query, FALSE, &result)) { + if (query && pipe->get_query_result(pipe, query, FALSE, &result)) { info->results_cumulative += res64[info->result_index]; info->num_results++; @@ -88,7 +89,8 @@ query_new_value(struct hud_graph *gr) "gallium_hud: all queries are busy after %i frames, " "can't add another query\n", NUM_QUERIES); - pipe->destroy_query(pipe, info->query[info->head]); + if (info->query[info->head]) + pipe->destroy_query(pipe, info->query[info->head]); info->query[info->head] = pipe->create_query(pipe, info->query_type, 0); } @@ -113,15 +115,15 @@ query_new_value(struct hud_graph *gr) info->results_cumulative = 0; info->num_results = 0; } - - pipe->begin_query(pipe, info->query[info->head]); } else { /* initialize */ info->last_time = now; info->query[info->head] = pipe->create_query(pipe, info->query_type, 0); - pipe->begin_query(pipe, info->query[info->head]); } + + if (info->query[info->head]) + pipe->begin_query(pipe, info->query[info->head]); } static void