From f51787b1c75390ce699719e2b39fea6459d06e76 Mon Sep 17 00:00:00 2001
From: Zach Reizner
Date: Tue, 18 Jun 2019 16:00:33 -0700
Subject: gpu_display: fix dangling NULL pointer in dwl_context_setup

If the dwl_context_setup routine fails after creating a wayland connection successfully (e.g. if an extension is missing), the fail label is jumped to in order to disconnect the wayland connection and deallocate the wl_display structure. That label did not set self->display to NULL after calling wl_display_disconnect, which would cause the dwl_context_destroy routine to call wl_display_disconnect again, which is a double free. This CL fixes that omission.

TEST=None
BUG=None

Change-Id: I5b6c2d6fadda82dff4130bd4abb0e7764c15e004
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1668528
Tested-by: Zach Reizner
Tested-by: kokoro
Reviewed-by: Zach Reizner
Commit-Queue: Zach Reizner
---
 gpu_display/src/display_wl.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'gpu_display')

diff --git a/gpu_display/src/display_wl.c b/gpu_display/src/display_wl.c index fce0ee0..00869a4 100644 --- a/gpu_display/src/display_wl.c +++ b/gpu_display/src/display_wl.c @@ -425,6 +425,7 @@ bool dwl_context_setup(struct dwl_context *self, const char *socket_path) fail: wl_display_disconnect(display); + self->display = NULL; return false; } -- cgit 1.4.1
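
Review bot: at the `fail:` label the teardown goes through the local `display` while the added line clears `self->display`, so the fix is only correct if those two hold the same pointer every time `fail` is reached. Consider assigning `self->display` only after setup has fully succeeded, so that no failure path can leave a stale pointer for dwl_context_destroy to disconnect again, or add a comment at the label stating that invariant. Since the message says TEST=None, a regression test that forces the failure path (the missing-extension case the message mentions) and then calls dwl_context_destroy would guard against the second wl_display_disconnect coming back.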