From d1e1563bb63f08cdfec1b40b105bec7f343bc0b8 Mon Sep 17 00:00:00 2001 From: Dongwon Kim Date: Tue, 2 Feb 2016 15:06:28 -0800 Subject: [PATCH] egl: move Null check to eglGetSyncAttribKHR to prevent Segfault MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Null-check on "*value" is currently done in _eglGetSyncAttrib, which is after eglGetSyncAttribKHR dereferences it. Move the check a layer up (in the beginning of eglGetSyncAttribKHR) to avoid segfaults. Cc: "11.0 11.1" Reviewed-by: Marek Olšák [Emil Velikov: tweak commit message, add stable tag] Reviewed-by: Emil Velikov --- src/egl/main/eglapi.c | 10 ++++++++-- src/egl/main/eglsync.c | 3 --- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/src/egl/main/eglapi.c b/src/egl/main/eglapi.c index 323634e4511..32f68233aeb 100644 --- a/src/egl/main/eglapi.c +++ b/src/egl/main/eglapi.c @@ -1555,8 +1555,14 @@ eglGetSyncAttrib(EGLDisplay dpy, EGLSync sync, EGLint attribute, EGLAttrib *valu static EGLBoolean EGLAPIENTRY eglGetSyncAttribKHR(EGLDisplay dpy, EGLSync sync, EGLint attribute, EGLint *value) { - EGLAttrib attrib = *value; - EGLBoolean result = eglGetSyncAttrib(dpy, sync, attribute, &attrib); + EGLAttrib attrib; + EGLBoolean result; + + if (!value) + RETURN_EGL_ERROR(NULL, EGL_BAD_PARAMETER, EGL_FALSE); + + attrib = *value; + result = eglGetSyncAttrib(dpy, sync, attribute, &attrib); /* The EGL_KHR_fence_sync spec says this about eglGetSyncAttribKHR: * diff --git a/src/egl/main/eglsync.c b/src/egl/main/eglsync.c index 3019e6e9333..999cb480c4b 100644 --- a/src/egl/main/eglsync.c +++ b/src/egl/main/eglsync.c @@ -144,9 +144,6 @@ EGLBoolean _eglGetSyncAttrib(_EGLDriver *drv, _EGLDisplay *dpy, _EGLSync *sync, EGLint attribute, EGLAttrib *value) { - if (!value) - return _eglError(EGL_BAD_PARAMETER, "eglGetSyncAttribKHR"); - switch (attribute) { case EGL_SYNC_TYPE_KHR: *value = sync->Type; -- 2.30.2