From 8f2238ccbae399a20fce24c5941accced7cee8d2 Mon Sep 17 00:00:00 2001 From: Samuel Pitoiset Date: Thu, 28 Apr 2016 21:09:12 +0200 Subject: [PATCH] st/glsl_to_tgsi: fix potential crash when allocating temporaries MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit When index - t->temps_size is greater than 4096, allocating space for temporaries on demand will miserably crash. This can happen when a game uses a lot of temporaries like the recent released Tomb raider. Signed-off-by: Samuel Pitoiset Reviewed-by: Ilia Mirkin Reviewed-by: Nicolai Hähnle Cc: "11.1 11.2" --- src/mesa/state_tracker/st_glsl_to_tgsi.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/mesa/state_tracker/st_glsl_to_tgsi.cpp b/src/mesa/state_tracker/st_glsl_to_tgsi.cpp index 3c4c91b..060e854 100644 --- a/src/mesa/state_tracker/st_glsl_to_tgsi.cpp +++ b/src/mesa/state_tracker/st_glsl_to_tgsi.cpp @@ -5360,7 +5360,7 @@ dst_register(struct st_translate *t, gl_register_file file, unsigned index, case PROGRAM_TEMPORARY: /* Allocate space for temporaries on demand. */ if (index >= t->temps_size) { - const int inc = 4096; + const int inc = align(index - t->temps_size + 1, 4096); t->temps = (struct ureg_dst*) realloc(t->temps, -- 2.7.4