Hi ! I've attached the patch which fixes access to unitialized pointer during memory free operation.
pqNewPriorityQ() function creates and setups PriorityQ structure, all except for the field "order". It is filled later in function pqInit(). Depending on vertices of polygon which must be tesselated there possible following situation, pqDeletePriorityQ() is called right after pqNewPriorityQ() function. pqNewPriorityQ() tries to free memory using pq->order as pointer, which is unitialized at this point. P.S. Bug has been found by Victor Magalhaes while using my port of GLU library to OpenGL ES ( http://code.google.com/p/glues/ ). My port was based on the latest MESA/GLU sources. Thanks.
priorityq.diff
Description: Binary data
_______________________________________________ mesa-dev mailing list mesa-dev@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/mesa-dev
