review.tizen.org Git - profile/ivi/mesa.git/commit

author	Ian Romanick <ian.d.romanick@intel.com>
	Mon, 2 Aug 2010 19:49:20 +0000 (12:49 -0700)
committer	Ian Romanick <ian.d.romanick@intel.com>
	Mon, 2 Aug 2010 20:53:32 +0000 (13:53 -0700)
commit	955ceef47f2bb8b5005abf11d4a8580c71f19e1b
tree	339e3ab1b2207fafd13f51fb4847f161f1061a49	tree \| snapshot
parent	7ffe40532f6b22d9b80caeac0fc3b9495619186a	commit \| diff

Keep a local copy of the symbol name in the symbol table

The symbol_header structure that tracks symbols with a particular name
may have a different (longer) life time than the symbols it tracks.
Not keeping a local copy of the name can lead to use-after-free
errors.  For example, the following sequence would trigger such an
error:

    char *copy = strdup(name);

    _mesa_symbol_table_push_scope(st);
    _mesa_symbol_table_add_symbol(st, 0, name, NULL);
    _mesa_symbol_table_pop_scope(st);
    free(name);
    _mesa_symbol_table_find_symbol(st, 0, copy);

With this change, the symbol table keeps a local copy of the name that
has the same life time as the symbol_header for that name.  This
resolves some use-after-free errors with built-in functions in the
GLSL compiler.