author | José Fonseca <[email protected]> | 2009-04-30 13:10:58 +0100 |
---|---|---|
committer | Keith Whitwell <[email protected]> | 2009-05-05 13:14:50 +0100 |
commit | 3537c3420d0887ed22565b9e4469952b99f1b76f (patch) | |
tree | 6b982845887e2d1073f88b3363e47be728bba678 | |
parent | b865501bda8f2f99bfa8ee365aa4a3da64291e6e (diff) |
util: Limit the stack walk to avoid referencing undefined memory.
-rw-r--r-- | src/gallium/auxiliary/util/u_debug_stack.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/gallium/auxiliary/util/u_debug_stack.c b/src/gallium/auxiliary/util/u_debug_stack.c
index e9891fde8a3..528a1c394be 100644
--- a/src/gallium/auxiliary/util/u_debug_stack.c
+++ b/src/gallium/auxiliary/util/u_debug_stack.c
@@ -62,6 +62,8 @@ debug_backtrace_capture(struct debug_stack_frame *backtrace,
 #ifdef PIPE_ARCH_X86
 while(nr_frames) {
+ const void **next_frame_pointer;
+
 if(!frame_pointer)
 break;
@@ -72,7 +74,14 @@ debug_backtrace_capture(struct debug_stack_frame *backtrace,
 --nr_frames;
 }
- frame_pointer = (const void **)frame_pointer[0];
+ next_frame_pointer = (const void **)frame_pointer[0];
+
+ /* Limit the stack walk to avoid referencing undefined memory */
+ if((uintptr_t)next_frame_pointer <= (uintptr_t)frame_pointer ||
+ (uintptr_t)next_frame_pointer > (uintptr_t)frame_pointer + 64*1024)
+ break;
+
+ frame_pointer = next_frame_pointer;
 }
 #endif |
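Review bot: The bound added in the second hunk is a heuristic and does not make the next `frame_pointer[0]` read safe: any candidate up to 64 KiB above the current frame is accepted, including a misaligned one or one past the mapped top of the stack, and it is dereferenced on the following iteration. This matters most when a caller was built without frame pointers, because the saved slot then holds arbitrary data that can still fall inside the window. Rejecting misaligned candidates tightens the test cheaply, for example by adding `((uintptr_t)next_frame_pointer & (sizeof(void *) - 1)) ||` as the first term of the condition. The comment should also say that the limit is best-effort, e.g. `/* Heuristic: the next frame must lie above this one, by at most 64 KiB; this does not prove the memory is mapped */`, and the bare `64*1024` would read better as a named constant. The rest of the loop body and the initial frame-pointer capture lie outside the hunk, so whether the first frame is validated beyond the NULL test cannot be seen here.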