[Mesa-dev] [PATCH 1/3] mesa/main: fix integer overflows in _mesa_image_offset

Nicolai Hähnle nhaehnle at gmail.com
Tue Jun 14 14:37:17 UTC 2016


From: Nicolai Hähnle <nicolai.haehnle at amd.com>

Found using -fsanitize=undefined.

Cc: "11.1 11.2 12.0" <mesa-stable at lists.freedesktop.org>
---
 src/mesa/main/image.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/mesa/main/image.c b/src/mesa/main/image.c
index 4d6ab6f..a039b51 100644
--- a/src/mesa/main/image.c
+++ b/src/mesa/main/image.c
@@ -151,8 +151,8 @@ _mesa_image_offset( GLuint dimensions,
 
    if (type == GL_BITMAP) {
       /* BITMAP data */
-      GLint bytes_per_row;
-      GLint bytes_per_image;
+      GLintptr bytes_per_row;
+      GLintptr bytes_per_image;
       /* components per pixel for color or stencil index: */
       const GLint comp_per_pixel = 1;
 
@@ -170,8 +170,8 @@ _mesa_image_offset( GLuint dimensions,
    }
    else {
       /* Non-BITMAP data */
-      GLint bytes_per_pixel, bytes_per_row, remainder, bytes_per_image;
-      GLint topOfImage;
+      GLintptr bytes_per_pixel, bytes_per_row, remainder, bytes_per_image;
+      GLintptr topOfImage;
 
       bytes_per_pixel = _mesa_bytes_per_pixel( format, type );
 
-- 
2.7.4



More information about the mesa-dev mailing list