[Mesa-dev] [PATCH] mesa: check that uniform exists in glUniform* functions
Erik Faye-Lund
kusmabite at gmail.com
Thu Sep 11 12:35:01 PDT 2014
On Thu, Sep 11, 2014 at 8:39 PM, Ian Romanick <idr at freedesktop.org> wrote:
> On 08/28/2014 12:58 AM, Tapani Pälli wrote:
>> Remap table for uniforms may contain empty entries when using explicit
>> uniform locations. If no active/inactive variable exists with given
>> location, remap table contains NULL.
>>
>> Signed-off-by: Tapani Pälli <tapani.palli at intel.com>
>> ---
>> src/mesa/main/uniform_query.cpp | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/src/mesa/main/uniform_query.cpp b/src/mesa/main/uniform_query.cpp
>> index 4cd2bca..5dcb528 100644
>> --- a/src/mesa/main/uniform_query.cpp
>> +++ b/src/mesa/main/uniform_query.cpp
>> @@ -239,7 +239,7 @@ validate_uniform_parameters(struct gl_context *ctx,
>> * - if count is greater than one, and the uniform declared in the
>> * shader is not an array variable,
>> */
>> - if (location < -1) {
>> + if (location < -1 || !shProg->UniformRemapTable[location]) {
>> _mesa_error(ctx, GL_INVALID_OPERATION, "%s(location=%d)",
>> caller, location);
>> return NULL;
>>
>
> So... this would occur if someone explicitly put uniforms at locations 0
> and 2, then queried location 1, right? What happens if someone queries
> location 0x7fffffff? Will it commit an out-of-bounds acces of
> UniformRemapTable, or is there an earlier check that's not visible in
> the patch?
Outch. That check is right *after* this lookup, so no... that's not
going to work as-is.
More information about the mesa-dev
mailing list