mesa: skip draws with invalid indices offset

It's easy to misuse glDrawElements and end up with an
invalid indices offset.
Since this can cause a hang, detect this case and skip
the draw.

Closes: https://gitlab.freedesktop.org/mesa/mesa/-/issues/6625
Reviewed-by: Marek Olšák <marek.olsak@amd.com>
Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/16662>

diff --git a/src/mesa/main/draw.c b/src/mesa/main/draw.c
index 15cef9e..0e2072b 100644 (file)
--- a/src/mesa/main/draw.c
+++ b/src/mesa/main/draw.c
@@ -1772,8 +1772,15 @@ _mesa_validated_drawrangeelements(struct gl_context *ctx, GLenum mode,
       info.index.user = indices;
       draw.start = 0;
    } else {
+      uintptr_t start = (uintptr_t) indices;
+      if (unlikely(index_bo->Size < start)) {
+         _mesa_warning(ctx, "Invalid indices offset 0x%" PRIxPTR
+                            " (indices buffer size is %ld bytes)."
+                            " Draw skipped.", start, index_bo->Size);
+         return;
+      }
       info.index.gl_bo = index_bo;
-      draw.start = (uintptr_t)indices >> index_size_shift;
+      draw.start = start >> index_size_shift;
    }
    draw.index_bias = basevertex;