[Mesa-dev] [PATCH] mesa: check that uniform exists in glUniform* functions
Tapani Pälli
tapani.palli at intel.com
Thu Sep 11 21:42:06 PDT 2014
On 09/11/2014 09:39 PM, Ian Romanick wrote:
> On 08/28/2014 12:58 AM, Tapani Pälli wrote:
>> Remap table for uniforms may contain empty entries when using explicit
>> uniform locations. If no active/inactive variable exists with given
>> location, remap table contains NULL.
>>
>> Signed-off-by: Tapani Pälli <tapani.palli at intel.com>
>> ---
>> src/mesa/main/uniform_query.cpp | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/src/mesa/main/uniform_query.cpp b/src/mesa/main/uniform_query.cpp
>> index 4cd2bca..5dcb528 100644
>> --- a/src/mesa/main/uniform_query.cpp
>> +++ b/src/mesa/main/uniform_query.cpp
>> @@ -239,7 +239,7 @@ validate_uniform_parameters(struct gl_context *ctx,
>> * - if count is greater than one, and the uniform declared in the
>> * shader is not an array variable,
>> */
>> - if (location < -1) {
>> + if (location < -1 || !shProg->UniformRemapTable[location]) {
>> _mesa_error(ctx, GL_INVALID_OPERATION, "%s(location=%d)",
>> caller, location);
>> return NULL;
>>
> So... this would occur if someone explicitly put uniforms at locations 0
> and 2, then queried location 1, right? What happens if someone queries
> location 0x7fffffff? Will it commit an out-of-bounds acces of
> UniformRemapTable, or is there an earlier check that's not visible in
> the patch?
Right, the checks are in wrong order now .. I'll make a v2 and move the
upper bounds check to happen before this one, this fixes both cases
properly.
Thanks;
// Tapani
More information about the mesa-dev
mailing list