Lothario
/
axmol
mirror of https://github.com/axmolengine/axmol.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix buffer overflow in CCGLProgram.cpp in memcmp call (Address Sanitizer spots it easily) 

- previously the flow went memcmp, if that != 0, do a bounds check, etc
- now do a bounds check, if destSize >= srcSize, do memcmp, etc
This commit is contained in:
Tyler Kopf 2016-07-12 11:10:16 -07:00
parent b0d0a7a064
commit 15c6788783
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
cocos/renderer/CCGLProgram.cpp
View File

@ -640,17 +640,17 @@ bool GLProgram::updateUniformLocation(GLint location, const GLvoid* data, unsign
}
else
{
if (memcmp(element->second.first, data, bytes) == 0)
if (element->second.second < bytes)
{
updated = false;
GLvoid* value = realloc(element->second.first, bytes);
memcpy(value, data, bytes);
_hashForUniforms[location] = std::make_pair(value, bytes);
}
else
{
if (element->second.second < bytes)
if (memcmp(element->second.first, data, bytes) == 0)
{
GLvoid* value = realloc(element->second.first, bytes);
memcpy(value, data, bytes );
_hashForUniforms[location] = std::make_pair(value, bytes);
updated = false;
}
else
memcpy(element->second.first, data, bytes);