From a41f2527ae8ae5432b99c88863fbdf2f0b5f04ad Mon Sep 17 00:00:00 2001 From: Bartosz Tomczyk Date: Mon, 30 Jan 2017 14:07:45 +0100 Subject: [PATCH] r600: Fix stack overflow MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Commit 7b5878ee0491e7a93914389a8369cd6752b9757d increased number of outputs to 64, but left output array intact. This caused stack overflow when number of outputs is bigger then 32. Found by ASAN. Cc: "12.0 13.0 17.0" Reviewed-by: Nicolai Hähnle --- src/gallium/drivers/r600/r600_shader.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/gallium/drivers/r600/r600_shader.c b/src/gallium/drivers/r600/r600_shader.c index b692e7f4a17..b80a3f8b629 100644 --- a/src/gallium/drivers/r600/r600_shader.c +++ b/src/gallium/drivers/r600/r600_shader.c @@ -2924,7 +2924,7 @@ static int r600_shader_from_tgsi(struct r600_context *rctx, struct pipe_stream_output_info so = pipeshader->selector->so; struct tgsi_full_immediate *immediate; struct r600_shader_ctx ctx; - struct r600_bytecode_output output[32]; + struct r600_bytecode_output output[ARRAY_SIZE(shader->output)]; unsigned output_done, noutput; unsigned opcode; int i, j, k, r = 0; -- 2.30.2