From d41f5396f3cb619729021390c273f838d92f11fb Mon Sep 17 00:00:00 2001
From: Juha-Pekka Heikkila
Date: Fri, 3 Jan 2014 05:57:00 -0700
Subject: glx: check memory allocations in __glXInitVertexArrayState()
Signed-off-by: Juha-Pekka Heikkila
Reviewed-by: Brian Paul
---
 src/glx/indirect_vertex_array.c | 27 +++++++++++++++++++++++----
 1 file changed, 23 insertions(+), 4 deletions(-)
(limited to 'src/glx')
diff --git a/src/glx/indirect_vertex_array.c b/src/glx/indirect_vertex_array.c
index 1d26c5eb6a9..0025cbbd078 100644
--- a/src/glx/indirect_vertex_array.c
+++ b/src/glx/indirect_vertex_array.c
@@ -135,9 +135,6 @@ __glXFreeVertexArrayState(struct glx_context * gc)
 * struct glx_context::server_minor, and __GLXcontext::server_major have been
 * initialized. These values are used to determine what vertex arrays are
 * supported.
- *
- * \bug
- * Return values from malloc are not properly tested.
 */
 void
 __glXInitVertexArrayState(struct glx_context * gc)
@@ -154,7 +151,11 @@ __glXInitVertexArrayState(struct glx_context * gc)
 arrays = calloc(1, sizeof(struct array_state_vector));
- state->array_state = arrays;
+
+ if (arrays == NULL) {
+ __glXSetError(gc, GL_OUT_OF_MEMORY);
+ return;
+ }
 arrays->old_DrawArrays_possible = !state->NoDrawArraysProtocol;
 arrays->new_DrawArrays_possible = GL_FALSE;
@@ -204,6 +205,12 @@ __glXInitVertexArrayState(struct glx_context * gc)
 arrays->num_arrays = array_count;
 arrays->arrays = calloc(array_count, sizeof(struct array_state));
+ if (arrays->arrays == NULL) {
+ free(arrays);
+ __glXSetError(gc, GL_OUT_OF_MEMORY);
+ return;
+ }
+
 arrays->arrays[0].data_type = GL_FLOAT;
 arrays->arrays[0].count = 3;
 arrays->arrays[0].key = GL_NORMAL_ARRAY;
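Review bot: All three failure paths (this early return and the ones in the hunks at old lines 204 and 289) leave `state->array_state` unassigned, and because the function returns void the only failure signal is the GL_OUT_OF_MEMORY recorded through __glXSetError(). Any code that later dereferences `state->array_state` would fault unless it checks the pointer first; those users are outside this diff, so that needs confirming. Whether `state` arrives zero-filled is not visible here either, so I would make the failed state explicit with `state->array_state = NULL;` ahead of the first calloc(), assuming the function is never run on a context that already owns an array state. The function comment should then say so, e.g. `* On allocation failure GL_OUT_OF_MEMORY is recorded and array_state is left NULL.` The function body starts before this hunk and continues past it.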
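Review bot: The failure branch added after the `arrays->arrays` calloc() repeats the error-and-return sequence of the first check, and the hunk at old line 289 repeats it again with one more free(), so each future allocation in this function has to restate the whole unwind list. A single `fail:` label at the end of the function would keep the unwinding in one place. Because `arrays` comes from calloc(), `arrays->arrays` is NULL until assigned and free(NULL) is a no-op, so one label can serve both later checks. The function body starts before this hunk and runs past it.

```c
   arrays->arrays = calloc(array_count, sizeof(struct array_state));
   if (arrays->arrays == NULL) {
      goto fail;
   }

   /* … unchanged: per-array setup; the arrays->stack check in the later hunk also becomes `goto fail` … */

   state->array_state = arrays;
   return;

fail:
   /* arrays was calloc'ed, so arrays->arrays is NULL until set; free(NULL) is a no-op. */
   free(arrays->arrays);
   free(arrays);
   __glXSetError(gc, GL_OUT_OF_MEMORY);
```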
@@ -289,6 +296,18 @@ __glXInitVertexArrayState(struct glx_context * gc)
 arrays->stack = malloc(sizeof(struct array_stack_state) * arrays->num_arrays * __GL_CLIENT_ATTRIB_STACK_DEPTH);
+
+ if (arrays->stack == NULL) {
+ free(arrays->arrays);
+ free(arrays);
+ __glXSetError(gc, GL_OUT_OF_MEMORY);
+ return;
+ }
+
+ /* Everything went ok so we put vertex array state in place
+ * in context.
+ */
+ state->array_state = arrays;
 }
-- cgit v1.2.3
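Review bot: The NULL check added here catches a failed malloc() but not a wrapped size, because `sizeof(struct array_stack_state) * arrays->num_arrays * __GL_CLIENT_ATTRIB_STACK_DEPTH` is multiplied with no overflow guard. `num_arrays` is copied from `array_count` in the hunk at old line 204, and how `array_count` is computed is not shown; if it depends on limits reported by the server, a wrapped product would yield a buffer smaller than later code expects. A guard ahead of the malloc(), routed to the same failure branch, closes that: `if (arrays->num_arrays > SIZE_MAX / sizeof(struct array_stack_state) / __GL_CLIENT_ATTRIB_STACK_DEPTH)`. The function body starts before this hunk.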