diff options
| author | Brian Paul <[email protected]> | 2014-05-23 14:59:33 -0600 |
|---|---|---|
| committer | Brian Paul <[email protected]> | 2014-05-28 15:06:07 -0600 |
| commit | f9cecca7a6e3d9ff231075381b88d179e153a5a4 (patch) | |
| tree | 51a054b9e24579eb1aa36f4a304541d57d044cd8 /src | |
| parent | bb9623a1a8b1884817422752c8dced9f084d4547 (diff) | |
glsl: fix use-after free bug/crash in ast_declarator_list::hir()
The call to get_variable_being_redeclared() may delete 'var' so we
can't reference var->name afterward. We fix that by examining the
var's name before making that call.
Fixes valgrind warnings and possible crash when running the piglit
tests/spec/glsl-1.30/execution/clipping/vs-clip-distance-in-param.shader_test
test (and probably others).
Cc: "10.1 10.2" <[email protected]>
Reviewed-by: Ian Romanick <[email protected]>
Diffstat (limited to 'src')
| -rw-r--r-- | src/glsl/ast_to_hir.cpp | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/glsl/ast_to_hir.cpp b/src/glsl/ast_to_hir.cpp index 0128b3f4e82..e06f9b413d2 100644 --- a/src/glsl/ast_to_hir.cpp +++ b/src/glsl/ast_to_hir.cpp @@ -3651,11 +3651,15 @@ ast_declarator_list::hir(exec_list *instructions, * instruction stream. */ exec_list initializer_instructions; + + /* Examine var name here since var may get deleted in the next call */ + bool var_is_gl_id = (strncmp(var->name, "gl_", 3) == 0); + ir_variable *earlier = get_variable_being_redeclared(var, decl->get_location(), state, false /* allow_all_redeclarations */); if (earlier != NULL) { - if (strncmp(var->name, "gl_", 3) == 0 && + if (var_is_gl_id && earlier->data.how_declared == ir_var_declared_in_block) { _mesa_glsl_error(&loc, state, "`%s' has already been redeclared using " |