[Mesa-dev] [PATCH] mesa: return early with no error when shader source count is 0
Eric Anholt
eric at anholt.net
Thu May 4 17:03:23 UTC 2017
Bartosz Tomczyk <bartosz.tomczyk86 at gmail.com> writes:
> malloc can return valid pointer for zero size allocation,
> which causes OOB access later on
> ---
> src/mesa/main/shaderapi.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/src/mesa/main/shaderapi.c b/src/mesa/main/shaderapi.c
> index c41f006eb7..36cff0ca6e 100644
> --- a/src/mesa/main/shaderapi.c
> +++ b/src/mesa/main/shaderapi.c
> @@ -1776,6 +1776,9 @@ _mesa_ShaderSource(GLuint shaderObj, GLsizei count,
> GLcharARB *source;
> struct gl_shader *sh;
>
> + if (!count)
> + return;
> +
I think this doesn't clear out the shader source when it should. Maybe
shader_source(sh, calloc(1, 1)); before returning?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/mesa-dev/attachments/20170504/7b9279ff/attachment-0001.sig>
More information about the mesa-dev
mailing list