Commit 5d1272a
committed
gfx/drivers_context: fix OOM bugs in ps3_ctx and android_ctx init
Two bugs found during a gfx/drivers_context sweep.
=== gfx/drivers_context/ps3_ctx.c: gfx_ctx_ps3_get_available_resolutions ===
   global->console.screen.resolutions.list =
      malloc(resolution_count * sizeof(uint32_t));
   for (i = 0; i < num_videomodes; i++)
   {
      if (cellVideoOutGetResolutionAvailability(...))
      {
         global->console.screen.resolutions.list[
            global->console.screen.resolutions.count++] = videomode[i];
   ...
Unchecked malloc; the loop below indexes into
resolutions.list[count++] on every available videomode and
NULL-derefs on OOM. Also, the 'default resolution fallback'
block further down at line ~138 does
'...list[...current.idx]' which is another NULL-deref site
on the same OOM path.
Fix: NULL-check and early return. Void-returning function,
so we leave resolutions.check == false so the next call
retries once memory is available. This is the right
behaviour - the alternative (setting check=true with an
empty list) would permanently brick resolution detection
for the session.
=== gfx/drivers_context/android_ctx.c: android_gfx_ctx_init ===
   android_ctx_data_t *and = (android_ctx_data_t*)
      calloc(1, sizeof(*and));
   if (!android_app || !and)
      return false;
Two cleanup bugs in the same line:
1. Leak: the combined 'if (!android_app || !and)' collapses
the 'android_app is NULL' and 'and is NULL' failure paths
into one return. In the (!android_app && and)
sub-case, 'and' was successfully allocated but we return
without freeing it.
2. Return-type confusion: the function signature is 'void*'
but the pre-patch code returns 'false'. This compiles
fine ('false' coerces to '(void*)0' == NULL) but is
semantically misleading.
Fix: split the check into two separate blocks; free 'and'
in the android_app-NULL path before returning; use NULL
explicitly instead of 'false' for the void* return.
=== Not a bug, verified clean ===
Every other alloc site in gfx/drivers_context/ triaged cleanly
this pass:
* ps3_ctx.c:199 (gfx_ctx_ps3_data_t calloc) - NULL-checked.
* x_vk_ctx.c:215, x_ctx.c:359 (gfx_ctx_x_*_data_t callocs)
- NULL-checked.
* sdl_gl_ctx.c:104 (gfx_ctx_sdl_data_t) - NULL-checked.
* osmesa_ctx.c:159, orbis_ctx.c:130, opendingux_fbdev_ctx.c:76,
khr_display_ctx.c:75, emscriptenegl_ctx.c:133,
drm_go2_ctx.c:114, drm_ctx.c:733 - all NULL-checked with
'if (!x)' guards and early-return or goto-error bails.
* mali_fbdev_ctx.c:163 - already fixed in an earlier commit
in this series (NULL-check on write-to-fbdev buffer).
* emscriptenwebgl_ctx.c:108 - NULL-checked a few lines later
at line 128 (the intervening code is all local stack init
on a separate 'attrs' struct, no emscripten deref before
the guard).
=== Thread-safety ===
Both functions run on the main thread during video driver init,
before the driver's render loop starts. No shared-state
changes; no lock discipline changes.
=== Reachability ===
ps3_get_available_resolutions: PS3 hardware only. Called once
at video driver init to enumerate supported display resolutions.
android_gfx_ctx_init: Android builds only. Called once at
video driver init, ~immediately after app startup.
1 parent 01a11ac commit 5d1272a
2 files changed
Lines changed: 22 additions & 2 deletions
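The android_ctx leak described in the commit message, as an added stand-alone C example (not RetroArch code): the pre-patch combined NULL check beside the post-patch split check, with a counting allocator so the leak is observable. The android_ctx_data_t struct, ctx_calloc/ctx_free and the init_before/init_after names are assumptions made for this example.

```c
#include <stdlib.h>
#include <stdbool.h>
#include <stddef.h>

/* Constructed stand-in for RetroArch's android_ctx_data_t (assumption). */
typedef struct { int placeholder; } android_ctx_data_t;

/* Instrumented allocator: counts live blocks and can fail on demand. */
static int  live_allocs = 0;
static bool fail_next_calloc = false;

static void *ctx_calloc(size_t n, size_t sz)
{
   if (fail_next_calloc) { fail_next_calloc = false; return NULL; }
   live_allocs++;
   return calloc(n, sz);
}
static void ctx_free(void *p) { if (p) { live_allocs--; free(p); } }

/* Pre-patch shape: one combined check. When android_app is NULL but
 * the calloc succeeded, 'and' is never freed. The original returned
 * 'false' from a void* function; 0 is the same null value. */
static void *init_before(void *android_app)
{
   android_ctx_data_t *and = (android_ctx_data_t*)ctx_calloc(1, sizeof(*and));
   if (!android_app || !and)
      return 0;
   return and;
}

/* Post-patch shape as the commit message describes it: split checks,
 * free 'and' on the android_app-NULL path, explicit NULL return. */
static void *init_after(void *android_app)
{
   android_ctx_data_t *and = (android_ctx_data_t*)ctx_calloc(1, sizeof(*and));
   if (!and)
      return NULL;
   if (!android_app)
   {
      ctx_free(and);
      return NULL;
   }
   return and;
}

/* Runs one init attempt and returns how many blocks are still live
 * after releasing whatever the caller received; >0 means a leak. */
static int leaked_after(void *(*init)(void *), void *app, bool oom)
{
   live_allocs = 0;
   fail_next_calloc = oom;
   void *ctx = init(app);
   ctx_free(ctx);
   return live_allocs;
}
```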