[Pixman] [PATCH] Fix arithmetic overflow in pointer arithmetic in ‘general_composite_rect’
Ludovic Courtès
ludo at gnu.org
Mon Sep 21 08:10:36 PDT 2015
Hello,
The patch below intends to fix an arithmetic overflow occurring in a
pointer arithmetic context in ‘general_composite_rect’, as explained at:
https://bugs.freedesktop.org/show_bug.cgi?id=92027#c6
The bug can most likely lead to a crash.
In a preliminary review, Siarhei Siamashka notes that ‘width + 1’ is
insufficient to take 16-byte alignment constraints into account.
Indeed, AFAICS, it is sufficient when Bpp == 16 but probably not when
Bpp == 4.
Siarhei also suggests that more rewriting in needed in that part of the
code, but I’ll leave that to you. ;-)
Thanks,
Ludo’.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pixman-pointer-arithmetic.patch
Type: text/x-patch
Size: 771 bytes
Desc: the patch
URL: <http://lists.freedesktop.org/archives/pixman/attachments/20150921/90113e69/attachment.bin>
More information about the Pixman
mailing list