[PATCH v3 0/1] MR9375: opengl32: Avoid null pointer dereferences when filtering extensions.
Fixes: 2127e9ae7d90466f3b8883708799047214409832

---
Fixes a crash on macOS. Perhaps the extensions string regularly has a trailing space on other platforms? The previous filter_extensions_list method set `end` differently and avoided this case.

--
v3: opengl32: Avoid null pointer dereferences when filtering extensions.

https://gitlab.winehq.org/wine/wine/-/merge_requests/9375
From: Tim Clem <tclem(a)codeweavers.com> Fixes: 2127e9ae7d90466f3b8883708799047214409832 --- dlls/opengl32/unix_wgl.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/dlls/opengl32/unix_wgl.c b/dlls/opengl32/unix_wgl.c index b7892c2851d..5a86e40b1f5 100644 --- a/dlls/opengl32/unix_wgl.c +++ b/dlls/opengl32/unix_wgl.c @@ -742,13 +742,15 @@ static GLubyte *filter_extensions( struct context *ctx, const char *extensions ) { while (*extensions == ' ') extensions++; if (!*extensions) break; - len = (end = strchr( extensions, ' ' )) ? end - extensions : strlen( extensions ); - memcpy( p, extensions, len ); - p[len] = 0; + + if (!(end = strchr( extensions, ' ' ))) end = extensions + strlen( extensions ); + memcpy( p, extensions, end - extensions ); + p[end - extensions] = 0; + if (is_extension_supported( ctx, p )) { TRACE( "++ %s\n", p ); - p += len; + p += end - extensions; *p++ = ' '; } else -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/9375
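Review bot: The fallback at `if (!(end = strchr( extensions, ' ' ))) end = extensions + strlen( extensions );` is what keeps `end` non-NULL for a last token with no trailing space, but neither the hunk nor the commit message says why that matters: the message body is only the Fixes: tag, and the crash explanation lives in the cover letter. Consider moving that explanation into the commit message and noting that the loop continues from `end` (the `extensions = end;` step shown in the review suggestion in this thread), so a NULL there is dereferenced at the top of the next iteration. Separately, `memcpy( p, extensions, end - extensions )` writes into a buffer whose allocation is outside this hunk; since each kept token is followed by `*p++ = ' '`, it is worth confirming the buffer is sized for the full input plus that extra byte and the terminator.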
On Wed Nov 5 18:47:58 2025 +0000, Rémi Bernon wrote:
```suggestion:-19+0
    for (;;)
    {
        while (*extensions == ' ') extensions++;
        if (!*extensions) break;

        if (!(end = strchr( extensions, ' ' ))) end = extensions + strlen( extensions );
        memcpy( p, extensions, end - extensions );
        p[end - extensions] = 0;

        if (is_extension_supported( ctx, p ))
        {
            TRACE( "++ %s\n", p );
            p += end - extensions;
            *p++ = ' ';
        }
        else
        {
            TRACE( "-- %s (disabled in context)\n", p );
        }
        extensions = end;
    }
```

Let's take the original code which didn't suffer from the issue. The combined assignation and ternary operator is ugly and we can get rid of the len variable.
Switched back to that in v3

--
https://gitlab.winehq.org/wine/wine/-/merge_requests/9375#note_120908