vrend: Fix use-after-free bug with shader programs

Gert Wollny requested to merge gerddie/virglrenderer:hotfix-52 into master
The sub-context holds a pointer to the last shader program used and this is de-referenced, e.g. in vrend_vbo_draw. However, the guest may destroy the program without notifying the sub-context, and as a result the pointer becomes stale and may be used after free.

As a solution, add a pointer to the owning context when a program is referenced, and if the program gets destroyed, clean the pointer in the sub-context.

Closes: #52 (closed)

Edited by Gert Wollny
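
The pattern described in the merge request, as an added C example that is not virglrenderer's code: a cached "last program" pointer, a back-pointer from the program to the sub-context caching it, and a destroy path that clears the cache before freeing. All type and function names (`struct program`, `struct sub_ctx`, `sub_ctx_bind`, `program_destroy`, `sub_ctx_draw`) are hypothetical, and the example assumes a program is cached by at most one sub-context at a time.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical types for illustration; not virglrenderer's structures. */
struct sub_ctx;
struct program {
    int id;
    struct sub_ctx *owner;   /* back-pointer to the sub-context caching us */
};
struct sub_ctx {
    struct program *prog;    /* last program used; must not outlive it */
};

struct program *program_create(int id) {
    struct program *p = calloc(1, sizeof(*p));
    if (p) p->id = id;
    return p;
}

/* Cache the program as "last used" and record who holds the reference. */
void sub_ctx_bind(struct sub_ctx *sub, struct program *p) {
    if (sub->prog && sub->prog != p)
        sub->prog->owner = NULL;     /* previous program is no longer cached */
    sub->prog = p;
    if (p) p->owner = sub;
}

/* Destroy path: clear the cached pointer in the owner before freeing. */
void program_destroy(struct program *p) {
    if (!p) return;
    if (p->owner && p->owner->prog == p)
        p->owner->prog = NULL;       /* without this, sub->prog dangles */
    free(p);
}

/* Draw path: reports -1 when no program is bound instead of touching freed memory. */
int sub_ctx_draw(const struct sub_ctx *sub) {
    return sub->prog ? sub->prog->id : -1;
}

int main(void) {
    struct sub_ctx sub = {0};
    struct program *p = program_create(7);
    if (!p) return 1;
    sub_ctx_bind(&sub, p);
    program_destroy(p);              /* destroyed without telling the sub-context */
    printf("draw after destroy: %d\n", sub_ctx_draw(&sub));
    return 0;
}
```

Building the variant without the clearing step under AddressSanitizer (`-fsanitize=address`) reports the draw call as a heap-use-after-free, which is a practical way to regression-test this class of bug.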