diff options
author | Brian Paul <[email protected]> | 2011-06-20 11:07:57 -0600 |
---|---|---|
committer | Brian Paul <[email protected]> | 2011-09-23 07:58:47 -0600 |
commit | 73e840ab7d5d4f42dabe498b194b388713fdc43b (patch) | |
tree | e811324ad48ebe52006994d79ff47bb7c2f2347e /src/gallium | |
parent | 974b6413f4540d73c21c092cc0a62abb6d546e21 (diff) |
svga: check to avoid writing beyond end of constant buffer
See bug 688394
Diffstat (limited to 'src/gallium')
-rw-r--r-- | src/gallium/drivers/svga/svga_state_constants.c | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/src/gallium/drivers/svga/svga_state_constants.c b/src/gallium/drivers/svga/svga_state_constants.c index a28fcf91225..870857ea42f 100644 --- a/src/gallium/drivers/svga/svga_state_constants.c +++ b/src/gallium/drivers/svga/svga_state_constants.c @@ -107,7 +107,29 @@ static enum pipe_error emit_const_range( struct svga_context *svga, unsigned i, j; enum pipe_error ret; - assert(offset + count < CB_MAX); +#ifdef DEBUG + if (offset + count > CB_MAX) { + debug_printf("svga: too many constants (offset + count = %u)\n", + offset + count); + } +#endif + + if (offset > CB_MAX) { + /* This isn't OK, but if we propagate an error all the way up we'll + * just get into more trouble. + * XXX note that offset is always zero at this time so this is moot. + */ + return PIPE_OK; + } + + if (offset + count > CB_MAX) { + /* Just drop the extra constants for now. + * Ideally we should not have allowed the app to create a shader + * that exceeds our constant buffer size but there's no way to + * express that in gallium at this time. + */ + count = CB_MAX - offset; + } i = 0; while (i < count) { |