[Mesa-dev] [PATCH 1/5] include/GL: add mesa_glinterop.h for OpenGL-OpenCL interop (v3)
Marek Olšák
maraeo at gmail.com
Tue Mar 8 15:39:13 UTC 2016
On Sat, Mar 5, 2016 at 9:53 AM, Michel Dänzer <michel at daenzer.net> wrote:
> On 04.03.2016 04:46, Marek Olšák wrote:
>>
>> +/**
>> + * Device information returned by Mesa.
>> + */
>> +typedef struct _mesa_glinterop_device_info {
>> + uint32_t size; /* size of this structure */
>
> Callees determine how much data they can write by looking at these size
> members of the *out parameters. That's pretty error-prone: If the
> callers just pass in a pointer they received from malloc, forgetting to
> initialize the size member, it'll have a random value, which is quite
> likely larger than the actual size and what the callee expects as a
> minimum, in which case the callee will write past the end of the
> allocated memory => memory corruption, if not a security issue.
>
> If you still don't want to go for a version based scheme instead, I'd
> suggest passing in the size as an explicit function parameter. (Or at
> the very least, it needs to be documented very prominently that callers
> must initialize out->size before calling in; but we know no matter how
> well that is documented, it'll probably be ignored anyway sooner or
> later...)
Version based it is then.
More information about the mesa-dev
mailing list