[cogl] cogl-matrix-stack: fix use after free in matrix stack.



commit d42efa37415931fe2de3fb07dd3514b91620fbc6
Author: Dave Airlie <airlied redhat com>
Date:   Tue Mar 13 13:03:57 2012 +0000

    cogl-matrix-stack: fix use after free in matrix stack.
    
    If the matrix stack array was reallocated we would use values from
    the old, freed storage for the matrix parameters. This fixes that and
    also uses the existing function instead of open-coding the same lookup.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=671985
    
    Reviewed-by: Robert Bragg <robert linux intel com>
    Reviewed-by: Neil Roberts <neil linux intel com>

 cogl/cogl-matrix-stack.c |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)
---
diff --git a/cogl/cogl-matrix-stack.c b/cogl/cogl-matrix-stack.c
index 40d0903..5933bcf 100644
--- a/cogl/cogl-matrix-stack.c
+++ b/cogl/cogl-matrix-stack.c
@@ -110,8 +110,11 @@ _cogl_matrix_stack_top_mutable (CoglMatrixStack *stack,
   state->push_count -= 1;
 
   g_array_set_size (stack->stack, stack->stack->len + 1);
-  new_top = &g_array_index (stack->stack, CoglMatrixState,
-                            stack->stack->len - 1);
+  /* if g_array_set_size reallocs we need to get state
+   * pointer again */
+  state = &g_array_index (stack->stack, CoglMatrixState,
+                            stack->stack->len - 2);
+  new_top = _cogl_matrix_stack_top(stack);
   _cogl_matrix_state_init (new_top);
 
   if (initialize)
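Review bot: The re-fetched `state` is located with `stack->stack->len - 2`, which is only correct because the `g_array_set_size` call just above grows the array by exactly one element, and the new comment does not say so. Recording the old top's index before the resize keeps the two from drifting apart: `guint top = stack->stack->len - 1;` ahead of `g_array_set_size`, then `state = &g_array_index (stack->stack, CoglMatrixState, top);` after it. The comment could also state the rule being applied, e.g. `/* g_array_set_size() may move the array data, so any pointer into it taken before the call is stale */`. The function starts and ends outside the hunk, so any other pointer into `stack->stack` held across this call (here, and presumably in callers that keep an earlier top pointer) is worth checking for the same stale-pointer pattern.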


