[Intel-gfx] [PATCH 4/4] i810: coverty fix - avoid random stack access
Patrick Welche
prlw1 at cam.ac.uk
Mon Jan 26 04:25:43 PST 2015
From: Christos Zoulas <christos at netbsd.org>
CID 1107540: Make the code safe avoiding random stack access. In
the first loop where there is a singleton point to pptSrc, only
access that singleton, no matter what.
November 2013 patch from NetBSD xsrc:
http://mail-index.netbsd.org/source-changes/2013/11/14/msg049188.html
Signed-off-by: Patrick Welche <prlw1 at cam.ac.uk>
---
src/legacy/i810/i810_dri.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/src/legacy/i810/i810_dri.c b/src/legacy/i810/i810_dri.c
index cca35d6..edfbad2 100644
--- a/src/legacy/i810/i810_dri.c
+++ b/src/legacy/i810/i810_dri.c
@@ -1104,10 +1104,17 @@ I810DRIMoveBuffers(WindowPtr pParent, DDXPointRec ptOldOrg,
while ((pboxNext >= pbox) && (pboxBase->y1 == pboxNext->y1))
pboxNext--;
pboxTmp = pboxNext + 1;
- pptTmp = pptSrc + (pboxTmp - pbox);
- while (pboxTmp <= pboxBase) {
- *pboxNew1++ = *pboxTmp++;
- *pptNew1++ = *pptTmp++;
+ if (pptSrc == &ptOldOrg) {
+ if (pboxTmp <= pboxBase) {
+ *pboxNew1++ = *pboxTmp;
+ *pptNew1++ = *pptSrc;
+ }
+ } else {
+ pptTmp = pptSrc + (pboxTmp - pbox);
+ while (pboxTmp <= pboxBase) {
+ *pboxNew1++ = *pboxTmp++;
+ *pptNew1++ = *pptTmp++;
+ }
}
pboxBase = pboxNext;
}
--
2.2.1
More information about the Intel-gfx
mailing list