Egbert Eich
c3db01d273
Fix crash due to oud of founds screen (boo#980382). OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/Mesa?expand=0&rev=515
70 lines
2.4 KiB
Diff
70 lines
2.4 KiB
Diff
From: Jiri Slaby <jslaby@suse.cz>
|
|
Date: Tue May 17 08:22:42 2016 +0200
|
|
Subject: glxcmds: glXGetFBConfigs, fix screen bounds
|
|
Patch-mainline: Not yet
|
|
Git-repo: git://anongit.freedesktop.org/git/mesa/mesa
|
|
Git-commit: 6aaa258229ec09f84ca51a728e125009ecee2d16
|
|
References: boo#980382
|
|
|
|
Bounds of screen are 0 (inclusive) and ScreenCount(dpy) (exclusive).
|
|
The upper bound was too high: ScreenCount(dpy) (inclusive).
|
|
|
|
This causes a crash invoked by java3d which passes down an invalid
|
|
screen:
|
|
6 0x00007f0e5198ba70 in <signal handler called> () at /lib64/libc.so.6
|
|
7 0x00007f0e14531e14 in glXGetFBConfigs (dpy=<optimized out>, screen=1, nelements=nelements@entry=0x7f0dab3c522c) at glxcmds.c:1660
|
|
8 0x00007f0e14532f7f in glXChooseFBConfig (dpy=<optimized out>, screen=<optimized out>, attribList=0x7f0dab3c54e0, nitems=0x7f0dab3c535c) at glxcmds.c:1611
|
|
9 0x00007f0e1478d29b in find_S_FBConfigs () at /usr/lib64/libj3dcore-ogl.so
|
|
10 0x00007f0e1478d3dc in find_S_S_FBConfigs () at /usr/lib64/libj3dcore-ogl.so
|
|
11 0x00007f0e1478d567 in find_AA_S_S_FBConfigs () at /usr/lib64/libj3dcore-ogl.so
|
|
12 0x00007f0e1478d728 in find_DB_AA_S_S_FBConfigs () at /usr/lib64/libj3dcore-ogl.so
|
|
13 0x00007f0e1478d97c in Java_javax_media_j3d_X11NativeConfigTemplate3D_chooseOglVisual () at /usr/lib64/libj3dcore-ogl.so
|
|
|
|
While ScreenCount(dpy) is actually 1:
|
|
(gdb) p dpy->nscreens
|
|
$2 = 1
|
|
screen=1 is passed to glXGetFBConfigs.
|
|
|
|
Easily reproducible by:
|
|
#include <stdio.h>
|
|
|
|
#include <X11/Xlib.h>
|
|
#include <GL/glx.h>
|
|
|
|
int main()
|
|
{
|
|
unsigned a;
|
|
int n;
|
|
Display *d = XOpenDisplay(":0");
|
|
GLXFBConfig *cfg;
|
|
|
|
for (a = 0; a <= ScreenCount(d); a++)
|
|
cfg = glXGetFBConfigs(d, a, &n);
|
|
|
|
XCloseDisplay(d);
|
|
|
|
return 0;
|
|
}
|
|
|
|
Fix this typo in glXGetFBConfigs.
|
|
|
|
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
|
|
Cc: <mesa-stable@lists.freedesktop.org>
|
|
Signed-off-by: Egbert Eich <eich@suse.com>
|
|
---
|
|
src/glx/glxcmds.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
diff --git a/src/glx/glxcmds.c b/src/glx/glxcmds.c
|
|
index 63f4921..46bc214 100644
|
|
--- a/src/glx/glxcmds.c
|
|
+++ b/src/glx/glxcmds.c
|
|
@@ -1657,7 +1657,7 @@ glXGetFBConfigs(Display * dpy, int screen, int *nelements)
|
|
|
|
*nelements = 0;
|
|
if (priv && (priv->screens != NULL)
|
|
- && (screen >= 0) && (screen <= ScreenCount(dpy))
|
|
+ && (screen >= 0) && (screen < ScreenCount(dpy))
|
|
&& (priv->screens[screen]->configs != NULL)
|
|
&& (priv->screens[screen]->configs->fbconfigID
|
|
!= (int) GLX_DONT_CARE)) {
|