From 2aec5c3c812ffe4a85b5e62452b244819a812dd6 Mon Sep 17 00:00:00 2001
From: Adam Jackson <ajax@redhat.com>
Date: Tue, 14 May 2019 12:39:23 -0400
Subject: [PATCH] glx: Fix potential crashes in glXWait{GL,X}

glxc->drawPriv will be NULL if the context is direct, or if it is
current but without a bound drawable. Mesa's libGL won't normally emit
protocol for direct contexts for these calls, but a malign client could
still crash the server.
---
 glx/glxcmds.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/glx/glxcmds.c b/glx/glxcmds.c
index 54d452e58..6af050940 100644
--- a/glx/glxcmds.c
+++ b/glx/glxcmds.c
@@ -765,7 +765,7 @@ __glXDisp_WaitGL(__GLXclientState * cl, GLbyte * pc)
         glFinish();
     }
 
-    if (glxc && glxc->drawPriv->waitGL)
+    if (glxc && glxc->drawPriv && glxc->drawPriv->waitGL)
         (*glxc->drawPriv->waitGL) (glxc->drawPriv);
 
     return Success;
@@ -789,7 +789,7 @@ __glXDisp_WaitX(__GLXclientState * cl, GLbyte * pc)
             return error;
     }
 
-    if (glxc && glxc->drawPriv->waitX)
+    if (glxc && glxc->drawPriv && glxc->drawPriv->waitX)
         (*glxc->drawPriv->waitX) (glxc->drawPriv);
 
     return Success;