From 7b5bb97cefbf1d0cfef28bc974ee9a68024e3b45 Mon Sep 17 00:00:00 2001 From: Eduardo Lima Mitev Date: Thu, 5 Mar 2015 09:20:11 +0100 Subject: [PATCH] mesa: Set the correct image size in _mesa_validate_pbo_access() _mesa_validate_pbo_access() provides a generic way to check that a requested pixel transfer operation on a PBO falls within the boundaries of the buffer. It is used in various other places, and depending on the caller, some arguments are used or not. In particular, the 'clientMemSize' argument is used only by calls that are knowledgeable of the total size of the user data involved in a pixel transfer, such as the case of compressed texture image calls. Other calls don't provide 'clientMemSize' directly since it is made implicit from the size and format of the texture, and its data type. In these cases, a sufficiently big value is passed to 'clientMemSize' (INT_MAX) to avoid an incorrect constrain. The problem is that _mesa_validate_pbo_access() use uint pointers to make the calculations, which are 64 bits long in 64 bits platforms, meanwhile the dummy INT_MAX passed in 'clientMemSize' is just 32 bits. This causes a constrain that is not desired. This patch fixes that by checking that if 'clientMemSize' is MAX_INT, then UINTPTR_MAX is assumed instead. This is an ugly workaround to the fact that _mesa_validate_pbo_access() intends to be a one function fits all. The clean solution here would be to break it into different functions that provide the adequate API for each of the possible code paths and validation needs. Since there are callers relying on passing INT_MAX to 'clientMemSize', this patch is necessary to deal with the problem above while a cleaner implementation of the PBO API is not implemented. Reviewed-by: Laura Ekstrand --- src/mesa/main/pbo.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/mesa/main/pbo.c b/src/mesa/main/pbo.c index 5c906ed..259f763 100644 --- a/src/mesa/main/pbo.c +++ b/src/mesa/main/pbo.c @@ -80,7 +80,7 @@ _mesa_validate_pbo_access(GLuint dimensions, */ if (!_mesa_is_bufferobj(pack->BufferObj)) { offset = 0; - size = clientMemSize; + size = (clientMemSize == INT_MAX) ? UINTPTR_MAX : clientMemSize; } else { offset = (uintptr_t)ptr; size = pack->BufferObj->Size; -- 2.7.4