[Backport to 1.20] glx: Fix use after free in MakeCurrent (!693) · Merge requests · xorg / xserver

Olivier Fourdan requested to merge ofourdan/xserver:backport-1.20-issue1186 into server-1.20-branch Jun 21, 2021

The fix from commit c468d34c - "glx: Set ContextTag for all contexts" is actually incomplete, it correctly sets the context tag for direct contexts as well, but would fail to mark the context's currentClient.

As a result, when the context is destroyed, it would be freed immediately rather than being just scheduled for deletion, even though it is still current for some client. leading to a use-after-free.

Make sure to also set the context's currentClient for direct contexts as well, not just indirect ones.

Signed-off-by: Olivier Fourdan ofourdan@redhat.com Fixes: c468d34c - "glx: Set ContextTag for all contexts" Closes: #1186 (closed) Reviewed-by: Adam Jackson ajax@redhat.com (cherry picked from commit aad61e8e)

[Backport to 1.20] glx: Fix use after free in MakeCurrent

Merge request reports