[virglrenderer-devel] [PATCH] vrend_render: fix decode edge cases.
Po-Hsien Wang
pwang at chromium.org
Wed Jun 20 23:56:58 UTC 2018
---
src/vrend_decode.c | 3 ++-
src/vrend_renderer.c | 3 ++-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/vrend_decode.c b/src/vrend_decode.c
index d50f385..8793668 100644
--- a/src/vrend_decode.c
+++ b/src/vrend_decode.c
@@ -295,7 +295,8 @@ static int vrend_decode_set_sampler_views(struct vrend_decode_ctx *ctx, uint16_t
return EINVAL;
if (num_samps > PIPE_MAX_SHADER_SAMPLER_VIEWS ||
- start_slot > (PIPE_MAX_SHADER_SAMPLER_VIEWS - num_samps))
+ start_slot > (PIPE_MAX_SHADER_SAMPLER_VIEWS - num_samps) ||
+ start_slot < 0)
return EINVAL;
for (i = 0; i < num_samps; i++) {
diff --git a/src/vrend_renderer.c b/src/vrend_renderer.c
index 67abc25..abb6273 100644
--- a/src/vrend_renderer.c
+++ b/src/vrend_renderer.c
@@ -2069,7 +2069,8 @@ void vrend_set_single_sampler_view(struct vrend_context *ctx,
if (handle) {
view = vrend_object_lookup(ctx->sub->object_hash, handle, VIRGL_OBJECT_SAMPLER_VIEW);
if (!view) {
- ctx->sub->views[shader_type].views[index] = NULL;
+ if (index < ctx->sub->views[shader_type].num_views)
+ ctx->sub->views[shader_type].views[index] = NULL;
report_context_error(ctx, VIRGL_ERROR_CTX_ILLEGAL_HANDLE, handle);
return;
}
--
2.18.0.rc1.244.gcf134e6275-goog
More information about the virglrenderer-devel
mailing list