[Mesa-dev] [PATCH] mesa: Fix indirect draw buffer size check on 32-bit systems.
Mark Janes
mark.a.janes at intel.com
Thu Apr 28 23:30:42 UTC 2016
Reviewed-by: Mark Janes <mark.a.janes at intel.com>
Kenneth Graunke <kenneth at whitecape.org> writes:
> Fixes dEQP-GLES31.functional subtests:
> draw_indirect.negative.command_offset_not_in_buffer_signed32_wrap
> draw_indirect.negative.command_offset_not_in_buffer_unsigned32_wrap
>
> These tests use really large values that overflow GLsizeiptr, at
> which point the buffer size isn't less than "end".
>
> Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=95138
> Signed-off-by: Kenneth Graunke <kenneth at whitecape.org>
> ---
> src/mesa/main/api_validate.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/mesa/main/api_validate.c b/src/mesa/main/api_validate.c
> index 2b62997..688408f 100644
> --- a/src/mesa/main/api_validate.c
> +++ b/src/mesa/main/api_validate.c
> @@ -696,7 +696,7 @@ valid_draw_indirect(struct gl_context *ctx,
> GLenum mode, const GLvoid *indirect,
> GLsizei size, const char *name)
> {
> - const GLsizeiptr end = (GLsizeiptr)indirect + size;
> + const uint64_t end = (uint64_t) (uintptr_t) indirect + size;
>
> /* OpenGL ES 3.1 spec. section 10.5:
> *
> --
> 2.8.0
More information about the mesa-dev
mailing list