diff options
author | Brian Paul <[email protected]> | 2013-01-24 14:44:09 -0700 |
---|---|---|
committer | Brian Paul <[email protected]> | 2013-01-25 15:41:40 -0700 |
commit | 68a097596efdf314ec60487a1761cac789ae2367 (patch) | |
tree | 578138d12dd9cce12dd5fd78c10f5680e8e4ab17 | |
parent | d6f8b7ef386ff85034b5ee38b6784bc59e00f213 (diff) |
util: add some defensive coding in u_upload_alloc()
Some callers of this function were checking the 'ptr' result to see if
the function failed. But the correct way is to check the regular
return value for PIPE_ERROR_x. Now we initialize all the returned
values at the top of the function in case we do hit an error (like OOM).
Callers are more likely to detect OOM conditions now. But there
are some callers which don't do any error checking...
Note: This is a candidate for the 9.0 branch.
Reviewed-by: Jose Fonseca <[email protected]>
-rw-r--r-- | src/gallium/auxiliary/util/u_upload_mgr.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/gallium/auxiliary/util/u_upload_mgr.c b/src/gallium/auxiliary/util/u_upload_mgr.c index ee1c6881ef2..47d39af67aa 100644 --- a/src/gallium/auxiliary/util/u_upload_mgr.c +++ b/src/gallium/auxiliary/util/u_upload_mgr.c @@ -163,6 +163,13 @@ enum pipe_error u_upload_alloc( struct u_upload_mgr *upload, unsigned alloc_offset = align(min_out_offset, upload->alignment); unsigned offset; + /* Init these return values here in case we fail below to make + * sure the caller doesn't get garbage values. + */ + *out_offset = ~0; + *outbuf = NULL; + *ptr = NULL; + /* Make sure we have enough space in the upload buffer * for the sub-allocation. */ if (MAX2(upload->offset, alloc_offset) + alloc_size > upload->size) { @@ -183,7 +190,6 @@ enum pipe_error u_upload_alloc( struct u_upload_mgr *upload, &upload->transfer); if (!upload->map) { pipe_resource_reference(outbuf, NULL); - *ptr = NULL; upload->transfer = NULL; return PIPE_ERROR_OUT_OF_MEMORY; } |