mesa: fix Address Sanitizer (ASan) issue in _mesa_add_parameter()
author Brian Paul <brianp@vmware.com>
Tue, 2 Jul 2013 20:51:30 +0000 (14:51 -0600)
committer Brian Paul <brianp@vmware.com>
Fri, 12 Jul 2013 14:32:51 +0000 (08:32 -0600)
If the size argument isn't a multiple of four, we would have read/
copied uninitialized memory.

Fixes an issue reported by Myles C. Maxfield <myles.maxfield@gmail.com>

src/mesa/program/prog_parameter.c

index 95b153e16bd292611b95727ccf64c764f649d44e..4d9cf08d21120513a630e1276ecc77157ff00130 100644 (file)
@@ -155,7 +155,21 @@ _mesa_add_parameter(struct gl_program_parameter_list *paramList,
          p->Size = size;
          p->DataType = datatype;
          if (values) {
-            COPY_4V(paramList->ParameterValues[oldNum + i], values);
+            if (size >= 4) {
+               COPY_4V(paramList->ParameterValues[oldNum + i], values);
+            }
+            else {
+               /* copy 1, 2 or 3 values */
+               GLuint remaining = size % 4;
+               assert(remaining < 4);
+               for (j = 0; j < remaining; j++) {
+                  paramList->ParameterValues[oldNum + i][j].f = values[j].f;
+               }
+               /* fill in remaining positions with zeros */
+               for (; j < 4; j++) {
+                  paramList->ParameterValues[oldNum + i][j].f = 0.0f;
+               }
+            }
             values += 4;
             p->Initialized = GL_TRUE;
          }
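Review bot: the new `if (size >= 4)` test sits inside the per-`i` loop (see `ParameterValues[oldNum + i]` and `values += 4`), so it only protects the final partial vec4 if `size` is reduced by 4 on every pass, and nothing in the visible lines does that. If `size` stayed constant, a size of 6 would still take the `COPY_4V` path on the second pass and read two elements past the caller's data, which is the read the commit message says it is fixing. Please confirm the decrement exists outside this hunk and add a short comment at the test saying that `size` here means the elements still left to copy. Two smaller points in the else branch: `size` is already known to be below 4 there, so `size % 4` is just `size`, and `assert(remaining < 4)` can never fire because a value taken modulo 4 is always below 4; `GLuint remaining = size;` with the assert dropped says the same thing more directly. The partial path also copies through the `.f` member while `COPY_4V` copies whole elements; since `p->DataType` is set just above, it would be worth noting in a comment that non-float parameter values are expected to survive a float-typed copy.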