On 27 September 2016 at 16:18, Eric Engestrom <eric.engest...@imgtec.com> wrote: > On Tue, Sep 27, 2016 at 04:10:53PM +0200, Nicolai Hähnle wrote: >> On 27.09.2016 14:40, Emil Velikov wrote: >> > From: Emil Velikov <emil.veli...@collabora.com> >> > >> > Otherwise one can overflow the signed variable and (attempt to) cause >> > all sorts of strange behaviour. >> >> As long as we're worrying about such things, shouldn't it really be a size_t >> then? With that, > > Agreed, and you can also have my r-b. > > One question though: why these specific `i`s? There are plenty more `i`s > (in these files) that could use the same treatment, not to mention other > variables. > It's not as if these are the most overflow-critical either: I'm pretty > sure if we have >INT_MAX attributes, we have more pressing problems than > overflowing the attrib counter :P The gripe is about (possible) intentional abuse of the attrib_list, using which one can use to read/modify the stack*. Nobody in their right might is (should be) using more than UINT_MAX attributes, so size_t won't bring much. But if you insist...
I've went ahead with a simple grep for EGL_NONE although one could expand things throughout egl (and mesa as a whole). Feel free to pursue :-) -Emil * Haven't bothered coming up with specific attack and I'm not 100% sure it's possible in all the cases. _______________________________________________ mesa-dev mailing list mesa-dev@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/mesa-dev
