r600: Fix stack overflow

Commit 7b5878ee0491e7a93914389a8369cd6752b9757d increased number of
outputs to 64, but left output array intact. This caused stack overflow
when number of outputs is bigger then 32. Found by ASAN.

Cc: "12.0 13.0 17.0" <mesa-stable@lists.freedesktop.org>
Reviewed-by: Nicolai Hähnle <nicolai.haehnle@amd.com>

diff --git a/src/gallium/drivers/r600/r600_shader.c b/src/gallium/drivers/r600/r600_shader.c
index b692e7f4a179f61ece20d16e640c15637f6be1dd..b80a3f8b6299cb76a05e6132f713c7c53f611da3 100644 (file)
--- a/src/gallium/drivers/r600/r600_shader.c
+++ b/src/gallium/drivers/r600/r600_shader.c
@@ -2924,7 +2924,7 @@ static int r600_shader_from_tgsi(struct r600_context *rctx,
        struct pipe_stream_output_info so = pipeshader->selector->so;
        struct tgsi_full_immediate *immediate;
        struct r600_shader_ctx ctx;
-       struct r600_bytecode_output output[32];
+       struct r600_bytecode_output output[ARRAY_SIZE(shader->output)];
        unsigned output_done, noutput;
        unsigned opcode;
        int i, j, k, r = 0;