cedric pushed a commit to branch efl-1.12. http://git.enlightenment.org/core/efl.git/commit/?id=274f0d7cbf12c6a0a7d3b3e8b328a98e575cb4a5
commit 274f0d7cbf12c6a0a7d3b3e8b328a98e575cb4a5
Author: Cedric BAIL <ced...@osg.samsung.com>
Date: Tue Mar 24 23:09:28 2015 +0100
evas: fix use after free. Thanks to Thanatermesis for tracking this in T2135.
---
src/modules/evas/engines/gl_common/evas_gl_image.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/modules/evas/engines/gl_common/evas_gl_image.c b/src/modules/evas/engines/gl_common/evas_gl_image.c
index 1192bbe..29ddaa5 100644
--- a/src/modules/evas/engines/gl_common/evas_gl_image.c
+++ b/src/modules/evas/engines/gl_common/evas_gl_image.c
@@ -763,8 +763,11 @@ evas_gl_common_image_update(Evas_Engine_GL_Context *gc, Evas_GL_Image *im)
 {
 Image_Entry *ie;
 if (!im->im) return;
- ie = (Image_Entry *)(im->im);
 evas_gl_common_image_alloc_ensure(im);
+
+ // alloc ensure can change im->im, so only get the local variable later.
+ ie = (Image_Entry *)(im->im);
+
 /*
 if ((im->cs.space == EVAS_COLORSPACE_YCBCR422P601_PL) ||
 (im->cs.space == EVAS_COLORSPACE_YCBCR422P709_PL))
--
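Review bot: The `if (!im->im) return;` guard still runs before `evas_gl_common_image_alloc_ensure(im)`, so it no longer covers the pointer that the moved `ie = (Image_Entry *)(im->im);` reads. The new comment says alloc_ensure can change `im->im`; if that call can also leave it NULL on an allocation failure (its body is not in this hunk, so this needs confirming), `ie` would be NULL wherever the rest of the function uses it. Repeating the check after the call, `if (!im->im) return;` placed just before the `ie` assignment, would close that gap. The comment could also state the rule for future edits, e.g. `// never cache im->im across evas_gl_common_image_alloc_ensure(); it may free and replace the entry`. The body of evas_gl_common_image_update continues outside the hunk, so later uses of `ie` are not visible here.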