Re: [PATCH 0/6] MR259: vkd3d-shader/dxil: Read the DXIL module.

29 Jun 2023


      Giovanni Mascellani (@giomasce) commented about libs/vkd3d-shader/dxil.c:
...


           count = record->operand_count - 2;


           if (!(type->u.function = vkd3d_malloc(offsetof(struct sm6_function_info, param_types[count]))))


           {


               ERR("Failed to allocate function parameter types.\n");


               return VKD3D_ERROR_OUT_OF_MEMORY;


           }


           type->u.function->ret_type = &sm6->types[type_id];


           type->u.function->param_count = count;


           for (j = 0; j < count; ++j)


           {


               if ((type_id = record->operands[j + 2]) >= type_count)


               {


                   WARN("Invalid parameter type id %"PRIu64" for type %u.\n", type_id, type_index);


                   vkd3d_free(type->u.function);


If you free without zeroing the pointer you're prone to double freeing, aren't you? This also happens for structures.
-- 
https://gitlab.winehq.org/wine/vkd3d/-/merge_requests/259#note_37321

2025

2024

2023

2022

Re: [PATCH 0/6] MR259: vkd3d-shader/dxil: Read the DXIL module.