[Mesa-dev] [PATCH] glsl: fix bounds check in blob_overwrite_bytes

2017-05-31 Thread Rob Herring 
clang gives a warning in blob_overwrite_bytes because offset type is
size_t which is unsigned:

src/compiler/glsl/blob.c:110:15: warning: comparison of unsigned expression < 0 
is always false [-Wtautological-compare]
   if (offset < 0 || blob->size - offset < to_write)
   ~~ ^ ~

Remove the less than 0 check to fix this.

Additionally, if offset is greater than blob->size, the 2nd check would
be false due to unsigned math. Rewrite the check to avoid subtraction.

Signed-off-by: Rob Herring 
---
 src/compiler/glsl/blob.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/compiler/glsl/blob.c b/src/compiler/glsl/blob.c
index 769ebf1a0232..db3625206508 100644
--- a/src/compiler/glsl/blob.c
+++ b/src/compiler/glsl/blob.c
@@ -107,7 +107,7 @@ blob_overwrite_bytes(struct blob *blob,
  size_t to_write)
 {
/* Detect an attempt to overwrite data out of bounds. */
-   if (offset < 0 || blob->size - offset < to_write)
+   if (blob->size < offset + to_write)
   return false;
 
memcpy(blob->data + offset, bytes, to_write);
-- 
2.11.0

___
mesa-dev mailing list
mesa-dev@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/mesa-dev

Re: [Mesa-dev] [PATCH] glsl: fix bounds check in blob_overwrite_bytes

2017-06-01 Thread Iago Toral 
Reviewed-by: Iago Toral Quiroga 

On Wed, 2017-05-31 at 19:14 -0500, Rob Herring wrote:
> clang gives a warning in blob_overwrite_bytes because offset type is
> size_t which is unsigned:
> 
> src/compiler/glsl/blob.c:110:15: warning: comparison of unsigned
> expression < 0 is always false [-Wtautological-compare]
>    if (offset < 0 || blob->size - offset < to_write)
>    ~~ ^ ~
> 
> Remove the less than 0 check to fix this.
> 
> Additionally, if offset is greater than blob->size, the 2nd check
> would
> be false due to unsigned math. Rewrite the check to avoid
> subtraction.
> 
> Signed-off-by: Rob Herring 
> ---
>  src/compiler/glsl/blob.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/compiler/glsl/blob.c b/src/compiler/glsl/blob.c
> index 769ebf1a0232..db3625206508 100644
> --- a/src/compiler/glsl/blob.c
> +++ b/src/compiler/glsl/blob.c
> @@ -107,7 +107,7 @@ blob_overwrite_bytes(struct blob *blob,
>   size_t to_write)
>  {
> /* Detect an attempt to overwrite data out of bounds. */
> -   if (offset < 0 || blob->size - offset < to_write)
> +   if (blob->size < offset + to_write)
>    return false;
>  
> memcpy(blob->data + offset, bytes, to_write);
___
mesa-dev mailing list
mesa-dev@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/mesa-dev