[SCM] WebKit Debian packaging branch, debian/experimental, updated. upstream/1.3.3-9427-gc2be6fc
oliver at apple.com
Wed Dec 22 14:29:02 UTC 2010
The following commit has been merged in the debian/experimental branch:
commit 80b742dde133b4dfbcd763ba64d4fe1a2a457ead
Author: oliver at apple.com <oliver at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Mon Oct 11 17:44:48 2010 +0000
2010-10-11 Oliver Hunt <oliver at apple.com>

Reviewed by Andreas Kling.

Incorrect handling of 0 length logs in GraphicsContext3DOpenGL.cpp
https://bugs.webkit.org/show_bug.cgi?id=47494

Working on another patch I found that there was some screwy behaviour
when dealing with logs from GL. GL_INFO_LOG_LENGTH is defined as being
zero if there is no log message, but we did not check for that case and
simply performed a zero sized alloc and passed the resultant buffer to
glGetShaderInfoLog, etc. glGetShaderInfoLog would then write a null
terminator to the buffer, thus causing an overflow. This is obviously
not a problem in practice as allocations are at least 4 bytes long in
all common allocators, but it is still a bug.

I also removed some unnecessary null checks following calls to fastMalloc.

* platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
(WebCore::GraphicsContext3D::getProgramInfoLog):
(WebCore::GraphicsContext3D::getShaderInfoLog):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@69506 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
index 995dc24..172d58d 100644
--- a/WebCore/ChangeLog
+++ b/WebCore/ChangeLog
@@ -1,3 +1,25 @@
+2010-10-11 Oliver Hunt <oliver at apple.com>
+
+ Reviewed by Andreas Kling.
+
+ Incorrect handling of 0 length logs in GraphicsContext3DOpenGL.cpp
+ https://bugs.webkit.org/show_bug.cgi?id=47494
+
+ Working on another patch I found that there was some screwy behaviour
+ when dealing with logs from GL. GL_INFO_LOG_LENGTH is defined as being
+ zero if there is no log message, but we did not check for that case and
+ simply perfomed a zero sized alloc and passed the resultant buffer to
+ glGetShaderInfoLog, etc. glGetShaderInfoLog would then write a null
+ terminator to the buffer, thus causing an overflow. This is obviously
+ not a problem in practice as allocations are at least 4 bytes long in
+ all common allocators, but it is still a bug.
+
+ I also removed some unnecessary null checks following calls to fastMalloc.
+
+ * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
+ (WebCore::GraphicsContext3D::getProgramInfoLog):
+ (WebCore::GraphicsContext3D::getShaderInfoLog):
+
2010-10-11 Nikolas Zimmermann <nzimmermann at rim.com>
Reviewed by Andreas Kling.
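Review bot: The added ChangeLog entry describes the bug but never states the new behaviour, and it carries a typo ("perfomed") in the line "simply perfomed a zero sized alloc". Suggest correcting the spelling and adding one sentence saying that getProgramInfoLog and getShaderInfoLog now return an empty string when GL_INFO_LOG_LENGTH is zero, so the entry records the fix as well as the cause.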
diff --git a/WebCore/platform/graphics/opengl/GraphicsContext3DOpenGL.cpp b/WebCore/platform/graphics/opengl/GraphicsContext3DOpenGL.cpp
index 438312f..a1958ef 100644
--- a/WebCore/platform/graphics/opengl/GraphicsContext3DOpenGL.cpp
+++ b/WebCore/platform/graphics/opengl/GraphicsContext3DOpenGL.cpp
@@ -1161,11 +1161,11 @@ String GraphicsContext3D::getProgramInfoLog(Platform3DObject program)
makeContextCurrent();
GLint length;
::glGetProgramiv((GLuint) program, GL_INFO_LOG_LENGTH, &length);
-
+ if (!length)
+ return "";
+
GLsizei size;
GLchar* info = (GLchar*) fastMalloc(length);
- if (!info)
- return "";
::glGetProgramInfoLog((GLuint) program, length, &size, info);
String s(info);
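Review bot: The new `if (!length)` test in getProgramInfoLog reads a `GLint length` that is declared without an initialiser, so if `::glGetProgramiv` reports an error and leaves the variable untouched, the check runs on an indeterminate value and whatever it holds is passed on to `fastMalloc(length)`. The test also only catches exactly zero. Suggest `GLint length = 0;` at the declaration and `if (length <= 0) return "";` so that an unset or negative length takes the same early return as the empty-log case. With the null check after `fastMalloc` removed, this early return is the only guard before `::glGetProgramInfoLog` writes into `info`, which is one more reason to make it cover every non-positive value.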
@@ -1229,6 +1229,8 @@ String GraphicsContext3D::getShaderInfoLog(Platform3DObject shader)
makeContextCurrent();
GLint length;
::glGetShaderiv((GLuint) shader, GL_INFO_LOG_LENGTH, &length);
+ if (!length)
+ return "";
HashMap<Platform3DObject, ShaderSourceEntry>::iterator result = m_shaderSourceMap.find(shader);
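Review bot: The early return in getShaderInfoLog is placed ahead of the `m_shaderSourceMap.find(shader)` lookup, so the result for every shader is now decided by GL's reported log length before the map entry is consulted at all. If shaders whose entry is handled differently further down are meant to take that path even when GL has no log, this return skips it. Either move the check next to the `::glGetShaderInfoLog` call it protects, or add a comment stating that an empty GL log always means an empty result. As in getProgramInfoLog, `length` is uninitialised here, so `GLint length = 0;` with `if (length <= 0)` would be safer.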
@@ -1240,11 +1242,11 @@ String GraphicsContext3D::getShaderInfoLog(Platform3DObject shader)
if (entry.isValid) {
GLint length;
::glGetShaderiv((GLuint) shader, GL_INFO_LOG_LENGTH, &length);
+ if (!length)
+ return;
GLsizei size;
GLchar* info = (GLchar*) fastMalloc(length);
- if (!info)
- return "";
::glGetShaderInfoLog((GLuint) shader, length, &size, info);
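Review bot: The added `return;` inside the `if (entry.isValid)` block has no value, but the hunk header shows this is `String GraphicsContext3D::getShaderInfoLog`, and the removed lines in the same block used `return "";`. A bare `return;` in a function returning String should not compile; it needs to be `return "";` to match the other two early returns in this patch. Note also that this block declares a second `GLint length` that shadows the one checked at the top of the function, so the same zero check is applied twice to what should be the same query; consider reusing the outer value instead of calling `::glGetShaderiv` again.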
--
WebKit Debian packaging