From 41642bdbca007035772fbfdc311f14daa5510d5d Mon Sep 17 00:00:00 2001
From: Kyle Brenneman <kbrenneman@nvidia.com>
Date: Wed, 6 Jun 2018 09:08:47 -0600
Subject: [PATCH] egl/glvnd: Fix a segfault in eglGetProcAddress.

If FindProcIndex in egldispatchstubs.c is called with a name that's less than
the first entry in the array, it would end up trying to store an index of -1 in
an unsigned integer, wrap around to 2^32, and then crash when it tries to look
that up.

Change FindProcIndex so that it uses bsearch(3) instead of implementing its own
binary search, like the GLX equivalent FindGLXFunction does.

Reviewed-by: Eric Engestrom <eric.engestrom@intel.com>
---
 src/egl/main/egldispatchstubs.c | 30 +++++++++++++-----------------
 1 file changed, 13 insertions(+), 17 deletions(-)

diff --git a/src/egl/main/egldispatchstubs.c b/src/egl/main/egldispatchstubs.c
index e02abd7a9e0..bfc3195c779 100644
--- a/src/egl/main/egldispatchstubs.c
+++ b/src/egl/main/egldispatchstubs.c
@@ -2,6 +2,7 @@
 #include "g_egldispatchstubs.h"
 
 #include <string.h>
+#include <stdlib.h>
 
 #include "eglcurrent.h"
 
@@ -10,26 +11,21 @@ static const __EGLapiExports *exports;
 const int __EGL_DISPATCH_FUNC_COUNT = __EGL_DISPATCH_COUNT;
 int __EGL_DISPATCH_FUNC_INDICES[__EGL_DISPATCH_COUNT + 1];
 
+static int Compare(const void *l, const void *r)
+{
+    const char *s = *(const char **)r;
+    return strcmp(l, s);
+}
+
 static int FindProcIndex(const char *name)
 {
-    unsigned first = 0;
-    unsigned last = __EGL_DISPATCH_COUNT - 1;
-
-    while (first <= last) {
-        unsigned middle = (first + last) / 2;
-        int comp = strcmp(name,
-                          __EGL_DISPATCH_FUNC_NAMES[middle]);
-
-        if (comp > 0)
-            first = middle + 1;
-        else if (comp < 0)
-            last = middle - 1;
-        else
-            return middle;
-    }
+    const char **match = bsearch(name, __EGL_DISPATCH_FUNC_NAMES,
+            __EGL_DISPATCH_COUNT, sizeof(const char *), Compare);
+
+    if (match == NULL)
+        return __EGL_DISPATCH_COUNT;
 
-    /* Just point to the dummy entry at the end of the respective table */
-    return __EGL_DISPATCH_COUNT;
+    return match - __EGL_DISPATCH_FUNC_NAMES;
 }
 
 void __eglInitDispatchStubs(const __EGLapiExports *exportsTable)
-- 
2.30.2