[Mesa-dev] [PATCH] i965: fix problem with constant out of bounds access (v2)

Kenneth Graunke kenneth at whitecape.org
Wed May 29 23:35:23 PDT 2013


On 05/29/2013 05:44 PM, Dave Airlie wrote:
> From: Dave Airlie <airlied at redhat.com>
>
> This is my attempt at fixing this as the CVE is making RH security team
> care enough to make me look at this. (please upstream, security fixes are
> more important than whatever else you are doing, if for no other reason than
> it saves me having to fix stuff I've no real clue about).
>
> Since Frank's original fix was denied, here is my attempt to just
> alias all constants that are out of bounds < 0 or > nr_params to constant 0,
> hopefully this provides the undefined behaviour idr requires..
>
> CVE-2013-1872
>
> v2: drop the last hunk which was a separate fix (now in master).
> hopefully fix the indentations.
>
> Signed-off-by: Dave Airlie <airlied at redhat.com>

I had to revert this as it caused over 200 Piglit regressions on my 
Sandybridge.  All sorts of tests hit assertion failures; my test run 
died and my desktop environment tanked.

Please run Piglit before pushing changes...

--Ken


More information about the mesa-dev mailing list