Hello,
Ping!
2017-01-23 15:44 GMT+08:00 Li Qiang <liq...@gmail.com>:
> When parsing texture instruction, it doesn't stop if the
> 'cur' is ',', the loop variable 'i' will also be increased
> and be used to index the 'inst.TexOffsets' array. This can lead
> an oob access issue
Fix the leak of some ctx fields in error path.
Signed-off-by: Li Qiang <liq...@gmail.com>
---
src/gallium/auxiliary/tgsi/tgsi_sanity.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/gallium/auxiliary/tgsi/tgsi_sanity.c
b/src/gallium/auxiliary/tgsi/tgsi_sa
When parsing texture instruction, it doesn't stop if the
'cur' is ',', the loop variable 'i' will also be increased
and be used to index the 'inst.TexOffsets' array. This can lead
an oob access issue. This patch avoid this.
Signed-off-by: Li Qiang <liq...@gmail.com>
---
src/gallium/aux
.TexOffsets' array. This can lead
> > an oob access issue. This patch avoid this.
> >
> > Signed-off-by: Li Qiang <liq...@gmail.com>
> > ---
> > src/gallium/auxiliary/tgsi/tgsi_text.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
&g
Fix the leak of some ctx fields in error path.
Suggested-by: Marc-Andr?? Lureau <mlur...@redhat.com>
Signed-off-by: Li Qiang <liq...@gmail.com>
---
src/gallium/auxiliary/tgsi/tgsi_sanity.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/gallium/au
In parse_identifier, it doesn't stop copying '*pcur'
untill encounter the NULL. As the 'ret' has a
fixed-size buffer, if the '*pcur' has a long string,
there will be a buffer overflow. This patch avoid this.
Signed-off-by: Li Qiang <liq...@gmail.com>
---
src/gallium/auxiliary/tgsi/tgsi_
In parse_identifier, it doesn't stop copying '*pcur' untill
encounter the NULL. As the 'ret' has a fixed-size buffer, if
the '*pcur' has a long string, there will be a buffer overflow.
This patch avoid this.
Signed-off-by: Li Qiang <liq...@gmail.com>
---
src/gallium/auxiliary/tgsi/tgsi_
In parse_identifier, it doesn't stop copying '*pcur'
untill encounter the NULL. As the 'ret' has a fixed-size
buffer, if the '*pcur' has a long string, there will be
a buffer overflow. This patch avoid this.
Signed-off-by: Li Qiang <liq...@gmail.com>
---
src/gallium/auxiliary/tgsi/tgsi_