From 15c678878392f851b6d490f93229e8c08b2f2821 Mon Sep 17 00:00:00 2001
From: Tyler Kopf
Date: Tue, 12 Jul 2016 11:10:16 -0700
Subject: [PATCH] fix buffer overflow in CCGLProgram.cpp in memcmp call (Address Sanitizer spots it easily)
- previously the flow went memcmp, if that != 0, do a bounds check, etc
- now do a bounds check, if destSize >= srcSize, do memcmp, etc
---
 cocos/renderer/CCGLProgram.cpp | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/cocos/renderer/CCGLProgram.cpp b/cocos/renderer/CCGLProgram.cpp
index e889aef788..20fc359705 100644
--- a/cocos/renderer/CCGLProgram.cpp
+++ b/cocos/renderer/CCGLProgram.cpp
@@ -640,17 +640,17 @@ bool GLProgram::updateUniformLocation(GLint location, const GLvoid* data, unsign
 }
 else
 {
- if (memcmp(element->second.first, data, bytes) == 0)
+ if (element->second.second < bytes)
 {
- updated = false;
+ GLvoid* value = realloc(element->second.first, bytes);
+ memcpy(value, data, bytes);
+ _hashForUniforms[location] = std::make_pair(value, bytes);
 }
 else
 {
- if (element->second.second < bytes)
+ if (memcmp(element->second.first, data, bytes) == 0)
 {
- GLvoid* value = realloc(element->second.first, bytes);
- memcpy(value, data, bytes );
- _hashForUniforms[location] = std::make_pair(value, bytes);
+ updated = false;
 }
 else
 memcpy(element->second.first, data, bytes);
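Review bot: The `realloc` on the new side of the hunk is still unchecked: if it returns null, the next line `memcpy(value, data, bytes)` writes through a null pointer, and `_hashForUniforms[location] = std::make_pair(value, bytes)` then drops the old (still valid) block without freeing it and caches a null pointer with a non-zero size that the next call's `memcmp` will read. A minimal guard before the memcpy is `if (value == nullptr) return false;`, which leaves the existing cache entry untouched and reports no update, assuming callers treat `false` as "nothing to upload"; if the project has an allocation-failure assert or log macro it belongs here, but none is visible in the hunk. The reordering itself closes the over-read, since `memcmp` is now reached only when the cached size is at least `bytes`, though when the cached buffer is larger the comparison covers just its first `bytes` bytes and the entry keeps its old larger size, which deserves a short comment such as `// cached buffer may be larger than bytes; only the leading bytes are compared/overwritten`. The enclosing `updateUniformLocation` begins before the hunk (where `updated` is initialised) and its return lies after it.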