From ee55b845d2e59f6437214def210f1791ff953445 Mon Sep 17 00:00:00 2001
From: Ian Romanick
Date: Mon, 8 Apr 2013 16:53:46 -0700
Subject: [PATCH] glsl: Fix hypothetical NULL dereference related to process_array_type
Ensure that process_array_type never returns NULL, and let process_array_type handle the case where the supplied base type is NULL. Fixes issues identified by Klocwork analysis: Pointer 'type' returned from call to function 'get_type' at line 1907 may be NULL and may be dereferenced at line 1912. and Pointer 'field_type' checked for NULL at line 4160 will be dereferenced at line 4165. Also there is one similar error on line 4174.
Signed-off-by: Ian Romanick
Reviewed-by: Kenneth Graunke
---
 src/glsl/ast_to_hir.cpp | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/glsl/ast_to_hir.cpp b/src/glsl/ast_to_hir.cpp
index 050360debad..2638411e36a 100644
--- a/src/glsl/ast_to_hir.cpp
+++ b/src/glsl/ast_to_hir.cpp
@@ -1678,6 +1678,9 @@ process_array_type(YYLTYPE *loc, const glsl_type *base, ast_node *array_size,
 {
 unsigned length = 0;
+ if (base == NULL)
+ return glsl_type::error_type;
+
 /* From page 19 (page 25) of the GLSL 1.20 spec:
 *
 * "Only one-dimensional arrays may be declared."
@@ -1730,7 +1733,8 @@ process_array_type(YYLTYPE *loc, const glsl_type *base, ast_node *array_size,
 "allowed in GLSL ES 1.00.");
 }
- return glsl_type::get_array_instance(base, length);
+ const glsl_type *array_type = glsl_type::get_array_instance(base, length);
+ return array_type != NULL ? array_type : glsl_type::error_type;
 }
-- 
2.30.2
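Review bot: Both new fallbacks to `glsl_type::error_type`, the early `if (base == NULL)` return in the first hunk and the `array_type != NULL ? array_type : glsl_type::error_type` return in the second, hand back the error sentinel without recording a compile error at `loc`. If any caller used a NULL result as its cue to report the failure (the callers are outside these hunks), a declaration with an unresolvable base type could now carry an error-typed value forward with no diagnostic. It is worth confirming that every path reaching these returns has already flagged an error, or reporting one here, e.g. `_mesa_glsl_error(loc, state, "invalid array base type");`, assuming the truncated parameter list carries the parse state. The early return also sits ahead of the `array_size` handling that lies between the two hunks and is not visible here, so anything that code would have reported is skipped on that path. A short comment above the function such as `/* Never returns NULL; yields glsl_type::error_type when the base type is missing or the array type cannot be created. */` would document the new contract for callers that still test for NULL.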