[Mesa-dev] Truncated extensions string

José Fonseca jfonseca at vmware.com
Tue Mar 15 08:29:47 PDT 2011

On Sat, 2011-03-12 at 01:22 -0800, Kenneth Graunke wrote:
> On Friday, March 11, 2011 01:23:12 PM Patrick Baggett wrote:
> > I feel like there is some kind of underlying lesson that we, OpenGL app
> > programmers, should be getting out of this...
> Yes.  Don't blindly copy abitrary amounts of data into a fixed size buffer. :)  
> I hate to be trite, but that -is- the entire problem: a classic buffer overflow, 
> the kind we warn people about in early programming courses.

There is no buffer overflow, just truncation, e.g., as if strncpy is

The crash I saw is most likely because the truncated extensions string
either has an inconsistent set of extensions or it is missing a very
basic extension.

> As Ian pointed 
> out, it's absolutely trivial to do this correctly: if you're going to
copy it, 
> just malloc a buffer that's the correct size.



More information about the mesa-dev mailing list