mesa: errors: validate the length of null terminated string

We're about to rework the meaning of gl_debug_message::length to only
store the user provided data. Thus we should add an explicit validation
for null terminated strings.

Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
Reviewed-by: Timothy Arceri <timothy.arceri@collabora.com>

diff --git a/src/mesa/main/errors.c b/src/mesa/main/errors.c
index 9fa2c497a2eb56d4be3d5d678decb6e77c629958..a6294e3d2b374237c90acb1b990613e281053567 100644 (file)
--- a/src/mesa/main/errors.c
+++ b/src/mesa/main/errors.c
@@ -960,8 +960,22 @@ error:
 
 
 static GLboolean
-validate_length(struct gl_context *ctx, const char *callerstr, GLsizei length)
+validate_length(struct gl_context *ctx, const char *callerstr, GLsizei length,
+                const GLchar *buf)
 {
+
+   if (length < 0) {
+      GLsizei len = strlen(buf);
+
+      if (len >= MAX_DEBUG_MESSAGE_LENGTH) {
+         _mesa_error(ctx, GL_INVALID_VALUE,
+                    "%s(null terminated string length=%d, is not less than "
+                    "GL_MAX_DEBUG_MESSAGE_LENGTH=%d)", callerstr, len,
+                    MAX_DEBUG_MESSAGE_LENGTH);
+         return GL_FALSE;
+      }
+   }
+
    if (length >= MAX_DEBUG_MESSAGE_LENGTH) {
       _mesa_error(ctx, GL_INVALID_VALUE,
                  "%s(length=%d, which is not less than "
@@ -992,7 +1006,7 @@ _mesa_DebugMessageInsert(GLenum source, GLenum type, GLuint id,
 
    if (length < 0)
       length = strlen(buf);
-   if (!validate_length(ctx, callerstr, length))
+   if (!validate_length(ctx, callerstr, length, buf))
       return; /* GL_INVALID_VALUE */
 
    log_msg(ctx, gl_enum_to_debug_source(source),
@@ -1161,7 +1175,7 @@ _mesa_PushDebugGroup(GLenum source, GLuint id, GLsizei length,
 
    if (length < 0)
       length = strlen(message);
-   if (!validate_length(ctx, callerstr, length))
+   if (!validate_length(ctx, callerstr, length, message))
       return; /* GL_INVALID_VALUE */
 
    debug = _mesa_lock_debug_state(ctx);