From: Zhiyi Zhang <zzhang@codeweavers.com> When a thread that created windows is being closed, the destination buffer address address might be NULL. For example: 1. context_gl->internal_format_set is set to 1 in wined3d_context_gl_set_pixel_format(). 2. A thread gets destroyed, all the windows in the thread get destroyed. 3. wined3d_context_gl_set_pixel_format() fails because WindowFromDC() returns NULL. 4. get_dc_pixel_format() fails in win32u_wglMakeContextCurrentARB(). 5. wined3d_buffer_gl_create_buffer_object() fails to create a buffer object. 6. wined3d_buffer_get_memory() returns a struct wined3d_bo_address with addr being NULL. Adding a NULL check in wined3d_context_gl_copy_bo_address() avoids triggering write segfaults when terminating a thread. This could happen for React Native applications. --- dlls/wined3d/context_gl.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/dlls/wined3d/context_gl.c b/dlls/wined3d/context_gl.c index fc480f5a440..4042e329bba 100644 --- a/dlls/wined3d/context_gl.c +++ b/dlls/wined3d/context_gl.c @@ -3048,6 +3048,12 @@ void wined3d_context_gl_copy_bo_address(struct wined3d_context_gl *context_gl, } else { + if (!dst->addr || !src->addr) + { + ERR("Invalid addresses.\n"); + return; + } + for (i = 0; i < range_count; ++i) memcpy(dst->addr + ranges[i].offset, src->addr + ranges[i].offset, ranges[i].size); } -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/9956