diff options
author | Dave Airlie <airlied@redhat.com> | 2011-10-19 16:57:13 +0100 |
---|---|---|
committer | Dave Airlie <airlied@redhat.com> | 2011-12-06 16:00:35 +0000 |
commit | 1049139499d9132a20cd6d4d156fe9da9cddb6c2 (patch) | |
tree | f6a979de0400f1fb6c87b5bde7c857a775f69006 | |
parent | 682c09a2cedd234b005334cc01247d859dd7f26a (diff) |
xaa: avoid possible freed pointer reuse in epilogue
If the pGCPriv->flags == 2, then we try to assign the freed pGCPriv->XAAOps
avoid this by clearing the flags in to be destroyed pGCPriv.
Reported by coverity.
Signed-off-by: Dave Airlie <airlied@redhat.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
-rw-r--r-- | hw/xfree86/xaa/xaaGC.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/hw/xfree86/xaa/xaaGC.c b/hw/xfree86/xaa/xaaGC.c index 44d50e6b6..1bc35d9f3 100644 --- a/hw/xfree86/xaa/xaaGC.c +++ b/hw/xfree86/xaa/xaaGC.c @@ -239,6 +239,7 @@ XAADestroyGC(GCPtr pGC) free(pGCPriv->XAAOps); free(pGCPriv->DashPattern); + pGCPriv->flags = 0; (*pGC->funcs->DestroyGC)(pGC); XAA_GC_FUNC_EPILOGUE (pGC); |