If the size argument isn't a multiple of four, we would have read/
copied uninitialized memory.
Fixes an issue reported by Myles C. Maxfield <myles.maxfi...@gmail.com>
---
src/mesa/program/prog_parameter.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/src/mesa/program/prog_parameter.c
b/src/mesa/program/prog_parameter.c
index 95b153e..4d9cf08 100644
--- a/src/mesa/program/prog_parameter.c
+++ b/src/mesa/program/prog_parameter.c
@@ -155,7 +155,21 @@ _mesa_add_parameter(struct gl_program_parameter_list
*paramList,
p->Size = size;
p->DataType = datatype;
if (values) {
- COPY_4V(paramList->ParameterValues[oldNum + i], values);
+ if (size >= 4) {
+ COPY_4V(paramList->ParameterValues[oldNum + i], values);
+ }
+ else {
+ /* copy 1, 2 or 3 values */
+ GLuint remaining = size % 4;
+ assert(remaining < 4);
+ for (j = 0; j < remaining; j++) {
+ paramList->ParameterValues[oldNum + i][j].f = values[j].f;
+ }
+ /* fill in remaining positions with zeros */
+ for (; j < 4; j++) {
+ paramList->ParameterValues[oldNum + i][j].f = 0.0f;
+ }
+ }
values += 4;
p->Initialized = GL_TRUE;
}
--
1.7.10.4
_______________________________________________
mesa-dev mailing list
mesa-dev@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/mesa-dev
