From 55ff409066ac382e75f196b8d174d4c2f1e14f79 Mon Sep 17 00:00:00 2001
From: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
Date: Tue, 29 Aug 2017 17:04:12 +0300
Subject: [PATCH] libweston: ensure backend is not loaded twice

Check and ensure that a compositor can only load one backend
successfully. If a backend fails to load, it is theoretically possible
to try another backend. Once loading succeeds, only destroying the
compositor would allow "unloading" a backend.

If backend init fail, ensure the backend pointer remains NULL to avoid
calling into a half-loaded backend on e.g. compositor destruction.

Signed-off-by: Pekka Paalanen <pekka.paalanen@collabora.co.uk>
---
 libweston/compositor.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/libweston/compositor.c b/libweston/compositor.c
index baa8a7512..404922ca4 100644
--- a/libweston/compositor.c
+++ b/libweston/compositor.c
@@ -5654,6 +5654,11 @@ weston_compositor_load_backend(struct weston_compositor *compositor,
 	int (*backend_init)(struct weston_compositor *c,
 			    struct weston_backend_config *config_base);
 
+	if (compositor->backend) {
+		weston_log("Error: attempt to load a backend when one is already loaded\n");
+		return -1;
+	}
+
 	if (backend >= ARRAY_LENGTH(backend_map))
 		return -1;
 
@@ -5661,7 +5666,12 @@ weston_compositor_load_backend(struct weston_compositor *compositor,
 	if (!backend_init)
 		return -1;
 
-	return backend_init(compositor, config_base);
+	if (backend_init(compositor, config_base) < 0) {
+		compositor->backend = NULL;
+		return -1;
+	}
+
+	return 0;
 }
 
 WL_EXPORT int
-- 
GitLab