From 2655265fcba9017e793026c76e490e04db088c8f Mon Sep 17 00:00:00 2001 From: Kenneth Graunke Date: Mon, 25 Apr 2016 22:34:37 -0700 Subject: [PATCH] mesa: Fix indirect draw buffer size check on 32-bit systems. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Fixes dEQP-GLES31.functional subtests: draw_indirect.negative.command_offset_not_in_buffer_signed32_wrap draw_indirect.negative.command_offset_not_in_buffer_unsigned32_wrap These tests use really large values that overflow GLsizeiptr, at which point the buffer size isn't less than "end". Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=95138 Signed-off-by: Kenneth Graunke Reviewed-by: Alejandro Piñeiro Reviewed-by: Mark Janes --- src/mesa/main/api_validate.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/mesa/main/api_validate.c b/src/mesa/main/api_validate.c index 2b629977644..688408f8dee 100644 --- a/src/mesa/main/api_validate.c +++ b/src/mesa/main/api_validate.c @@ -696,7 +696,7 @@ valid_draw_indirect(struct gl_context *ctx, GLenum mode, const GLvoid *indirect, GLsizei size, const char *name) { - const GLsizeiptr end = (GLsizeiptr)indirect + size; + const uint64_t end = (uint64_t) (uintptr_t) indirect + size; /* OpenGL ES 3.1 spec. section 10.5: * -- 2.30.2