diff options
author | Li Qiang <liq3ea@gmail.com> | 2017-01-07 06:21:09 -0500 |
---|---|---|
committer | Dave Airlie <airlied@redhat.com> | 2017-02-07 14:57:49 +1000 |
commit | 93761787b29f37fa627dea9082cdfc1a1ec608d6 (patch) | |
tree | a8e25ee490a32e81cdeee073957b95b538126eee /src/vrend_renderer.h | |
parent | a2f12a1b0f95b13b6f8dc3d05d7b74b4386394e4 (diff) |
renderer: fix integer overflow in create shader
As the 'pkt_length' and 'offlen' can be malicious from guest,
the vrend_create_shader function has an integer overflow, this
will make the next 'memcpy' oob access. This patch avoid this.
Signed-off-by: Li Qiang <liq3ea@gmail.com>
Signed-off-by: Dave Airlie <airlied@redhat.com>
Diffstat (limited to 'src/vrend_renderer.h')
0 files changed, 0 insertions, 0 deletions