main: Avoid double-free of shader Label

As documented, the _mesa_free_shader_program_data function:

	"Frees all the data that hangs off a shader program object, but not
	the object itself."

This means that this function may be called multiple times on the same object,
(and has been observed to). Meanwhile, the shProg->Label field was not being
set to NULL after its free(). This led to a second call to free() of the same
address on the second call to this function.

Fix this by setting this field to NULL after free(), (just as with all other
calls to free() in this function).

Reviewed-by: Brian Paul <brianp@vmware.com>
CC: mesa-stable@lists.freedesktop.org

diff --git a/src/mesa/main/shaderobj.c b/src/mesa/main/shaderobj.c
index 4f4bb69a872d42a878ac02fb962d311651b5d1bb..d5c3d8099a76fdd2eb6c31ddcc8a9dd518de15ab 100644 (file)
--- a/src/mesa/main/shaderobj.c
+++ b/src/mesa/main/shaderobj.c
@@ -355,6 +355,7 @@ _mesa_free_shader_program_data(struct gl_context *ctx,
    }
 
    free(shProg->Label);
+   shProg->Label = NULL;
 }