From 51f5f43d430d1bfbd4108e50c60877c35678853e Mon Sep 17 00:00:00 2001 From: Derek Foreman Date: Sun, 14 May 2017 13:13:34 -0500 Subject: [PATCH] ecore_drm2: Fix use after free In trying to clean up some code and fix a hypothetical buffer leak, I added a use after free error that can break rendering on the drm and gl_drm evas engines. Coverity did the heavy lifting for me on this one. Fix Coverity CID 1375047 Fix T5484 --- src/lib/ecore_drm2/ecore_drm2_fb.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/lib/ecore_drm2/ecore_drm2_fb.c b/src/lib/ecore_drm2/ecore_drm2_fb.c index 8ef2d82..114280b 100644 --- a/src/lib/ecore_drm2/ecore_drm2_fb.c +++ b/src/lib/ecore_drm2/ecore_drm2_fb.c @@ -553,7 +553,8 @@ ecore_drm2_fb_flip(Ecore_Drm2_Fb *fb, Ecore_Drm2_Output *output) /* So we can generate a tick by flipping to the current fb */ if (!fb) fb = output->current.fb; - if (output->next.fb) _release_buffer(output, &output->next); + if (output->next.fb && fb != output->next.fb) + _release_buffer(output, &output->next); /* If we don't have an fb to set by now, BAIL! */ if (!fb) return -1; -- 2.7.4