glava Use after free

Use after free

Open yyny opened this issue 5 years ago • 1 comments

the struct glsl_ext in rd_new appearts to be used multiple times.

https://github.com/jarcode-foss/glava/blob/3cc5e226aa719328f1b96870617a0e9a95f02c8a/glava/render.c#L1356

I don't fully understand the control flow, but it is incorrect and valgrind reports an use after free. One possible solution is to zero-fill the freed pointers in ext_free.

https://github.com/jarcode-foss/glava/blob/3cc5e226aa719328f1b96870617a0e9a95f02c8a/glava/glsl_ext.c#L727-L738

This also appears to be the cause of #147.

Jan 16 '20 16:01 yyny

Thanks for spending the time to dig this up for me. I will get around to fixing a slew of bugs and ironing out a bunch of new reworks and features for 2.0 once I have cleared a decent amount of free time for programming.

Mar 03 '20 17:03 jarcode-foss

glava glava copied to clipboard

Use after free

glava
glava copied to clipboard