diff options
author | Cedric BAIL <cedric@osg.samsung.com> | 2015-03-24 23:09:28 +0100 |
---|---|---|
committer | Cedric BAIL <cedric@osg.samsung.com> | 2015-03-24 23:13:30 +0100 |
commit | 32ecb77191741bd6f1a90f902397bcb5f27dc341 (patch) | |
tree | c5adcf63207772d2e074723a17a33a2a139e5c0b | |
parent | 3fabf9f95297b8a1ebd61089f4268b130037ede8 (diff) | |
download | efl-32ecb77191741bd6f1a90f902397bcb5f27dc341.tar.gz |
evas: fix use after free.
Thanks to Thanatermesis for tracking this in T2135.
-rw-r--r-- | src/modules/evas/engines/gl_common/evas_gl_image.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/modules/evas/engines/gl_common/evas_gl_image.c b/src/modules/evas/engines/gl_common/evas_gl_image.c index daa975255c..39cf844dc9 100644 --- a/src/modules/evas/engines/gl_common/evas_gl_image.c +++ b/src/modules/evas/engines/gl_common/evas_gl_image.c @@ -661,8 +661,11 @@ evas_gl_common_image_update(Evas_Engine_GL_Context *gc, Evas_GL_Image *im) { Image_Entry *ie; if (!im->im) return; - ie = (Image_Entry *)(im->im); evas_gl_common_image_alloc_ensure(im); + + // alloc ensure can change im->im, so only get the local variable later. + ie = (Image_Entry *)(im->im); + /* if ((im->cs.space == EVAS_COLORSPACE_YCBCR422P601_PL) || (im->cs.space == EVAS_COLORSPACE_YCBCR422P709_PL)) |