projects / platform / upstream / efl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f0d0533)
evas: fix use after free.
authorCedric BAIL <cedric@osg.samsung.com>
Tue, 24 Mar 2015 22:09:28 +0000 (23:09 +0100)
committerCedric BAIL <cedric@osg.samsung.com>
Tue, 24 Mar 2015 22:10:51 +0000 (23:10 +0100)
Thanks to Thanatermesis for tracking this in T2135.

src/modules/evas/engines/gl_common/evas_gl_image.c patch | blob | history

diff --git a/src/modules/evas/engines/gl_common/evas_gl_image.c b/src/modules/evas/engines/gl_common/evas_gl_image.c
index b8076a0..ff415ba 100644 (file)
--- a/src/modules/evas/engines/gl_common/evas_gl_image.c
+++ b/src/modules/evas/engines/gl_common/evas_gl_image.c
@@ -770,9 +770,11 @@ evas_gl_common_image_update(Evas_Engine_GL_Context *gc, Evas_GL_Image *im)
 {
    Image_Entry *ie;
    if (!im->im) return;
-   ie = &im->im->cache_entry;
    evas_gl_common_image_alloc_ensure(im);
 
+   // alloc ensure can change im->im, so only get the local variable later.
+   ie = &im->im->cache_entry;
+
 /*
    if ((im->cs.space == EVAS_COLORSPACE_YCBCR422P601_PL) ||
        (im->cs.space == EVAS_COLORSPACE_YCBCR422P709_PL))
Domain: UI Framework / EFL;