st/mesa: fix potential use-after-free in draw_bitmap_quad

author Marek Olšák <marek.olsak@amd.com>

Mon, 25 Jul 2022 00:36:00 +0000 (20:36 -0400)

committer Marge Bot <emma+marge@anholt.net>

Wed, 24 Aug 2022 18:13:02 +0000 (18:13 +0000)
author Marek Olšák <marek.olsak@amd.com>
Mon, 25 Jul 2022 00:36:00 +0000 (20:36 -0400)
committer Marge Bot <emma+marge@anholt.net>
Wed, 24 Aug 2022 18:13:02 +0000 (18:13 +0000)
diff --git a/src/mesa/state_tracker/st_cb_bitmap.c b/src/mesa/state_tracker/st_cb_bitmap.c

index 8cc8b8f..c02e468 100644 (file)
--- a/src/mesa/state_tracker/st_cb_bitmap.c
+++ b/src/mesa/state_tracker/st_cb_bitmap.c
@@ -321,17 +321,17 @@ draw_bitmap_quad(struct gl_context *ctx, GLint x, GLint y, GLfloat z,
        assert(height <= (GLsizei) maxSize);
     }
  
-   setup_render_state(ctx, sv, color);
-
-   /* convert Z from [0,1] to [-1,-1] to match viewport Z scale/bias */
-   z = z * 2.0f - 1.0f;
-
     if (sv->texture->target == PIPE_TEXTURE_RECT) {
        /* use non-normalized texcoords */
        sRight = (float) width;
        tBot = (float) height;
     }
  
+   setup_render_state(ctx, sv, color);
+
+   /* convert Z from [0,1] to [-1,-1] to match viewport Z scale/bias */
+   z = z * 2.0f - 1.0f;
+
     if (!st_draw_quad(st, clip_x0, clip_y0, clip_x1, clip_y1, z,
                       sLeft, tBot, sRight, tTop, color, 0)) {
        _mesa_error(ctx, GL_OUT_OF_MEMORY, "glBitmap");
author	Marek Olšák <marek.olsak@amd.com>
	Mon, 25 Jul 2022 00:36:00 +0000 (20:36 -0400)
committer	Marge Bot <emma+marge@anholt.net>
	Wed, 24 Aug 2022 18:13:02 +0000 (18:13 +0000)