From a1cb12c1fbec30c23d50209db2fbf2b563ddcbe0 Mon Sep 17 00:00:00 2001 From: Brian Paul Date: Mon, 11 Feb 2013 12:27:29 -0700 Subject: [PATCH] util: add some defensive coding in u_upload_alloc() Some callers of this function were checking the 'ptr' result to see if the function failed. But the correct way is to check the regular return value for PIPE_ERROR_x. Now we initialize all the returned values at the top of the function in case we do hit an error (like OOM). Callers are more likely to detect OOM conditions now. But there are some callers which don't do any error checking... Note: This is a candidate for the 9.0 branch. Reviewed-by: Jose Fonseca (cherry picked from commit 68a097596efdf314ec60487a1761cac789ae2367) Conflicts: src/gallium/auxiliary/util/u_upload_mgr.c --- src/gallium/auxiliary/util/u_upload_mgr.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/gallium/auxiliary/util/u_upload_mgr.c b/src/gallium/auxiliary/util/u_upload_mgr.c index b4b4c91f1ec..21d4bca4b9d 100644 --- a/src/gallium/auxiliary/util/u_upload_mgr.c +++ b/src/gallium/auxiliary/util/u_upload_mgr.c @@ -164,6 +164,13 @@ enum pipe_error u_upload_alloc( struct u_upload_mgr *upload, unsigned alloc_offset = align(min_out_offset, upload->alignment); unsigned offset; + /* Init these return values here in case we fail below to make + * sure the caller doesn't get garbage values. + */ + *out_offset = ~0; + *outbuf = NULL; + *ptr = NULL; + /* Make sure we have enough space in the upload buffer * for the sub-allocation. */ if (MAX2(upload->offset, alloc_offset) + alloc_size > upload->size) { @@ -184,7 +191,7 @@ enum pipe_error u_upload_alloc( struct u_upload_mgr *upload, &upload->transfer); if (!upload->map) { pipe_resource_reference(outbuf, NULL); - *ptr = NULL; + upload->transfer = NULL; return PIPE_ERROR_OUT_OF_MEMORY; }