From 7d2423a09ec8a40b7da7c90fe3cb863d03f96b39 Mon Sep 17 00:00:00 2001 From: Kenneth Graunke Date: Fri, 2 Aug 2013 00:35:05 -0700 Subject: [PATCH] glsl: Fix NULL pointer dereferences when linking fails. Commit 7cfefe6965d50 introduced a check for whether linked->Type equals GL_GEOMETRY_SHADER. However, linked may be NULL due to an earlier error condition. Since the entire function after the error path is (or should be) guarded by linked != NULL checks, we may as well just return early and remove the checks. Fixes crashes in 9 Piglit tests. Signed-off-by: Kenneth Graunke Reviewed-by: Paul Berry --- src/glsl/linker.cpp | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/src/glsl/linker.cpp b/src/glsl/linker.cpp index 94ea54ceb69..d36f6270b51 100644 --- a/src/glsl/linker.cpp +++ b/src/glsl/linker.cpp @@ -1233,7 +1233,8 @@ link_intrastage_shaders(void *mem_ctx, if (!link_function_calls(prog, linked, linking_shaders, num_linking_shaders)) { ctx->Driver.DeleteShader(ctx, linked); - linked = NULL; + free(linking_shaders); + return NULL; } free(linking_shaders); @@ -1241,8 +1242,7 @@ link_intrastage_shaders(void *mem_ctx, /* At this point linked should contain all of the linked IR, so * validate it to make sure nothing went wrong. */ - if (linked) - validate_ir_tree(linked->ir); + validate_ir_tree(linked->ir); /* Set the size of geometry shader input arrays */ if (linked->Type == GL_GEOMETRY_SHADER) { @@ -1258,11 +1258,8 @@ link_intrastage_shaders(void *mem_ctx, * unspecified sizes have a size specified. The size is inferred from the * max_array_access field. */ - if (linked != NULL) { - array_sizing_visitor v; - - v.run(linked->ir); - } + array_sizing_visitor v; + v.run(linked->ir); return linked; } -- 2.30.2