[Bf-blender-cvs] [d6b26b3fa0c] blender-v2.93-release: Fix potential buffer overrun in drw_shader_dependencies_get
Campbell Barton
noreply at git.blender.org
Fri Apr 30 07:09:03 CEST 2021
Commit: d6b26b3fa0c46c6a9d9c9e5d3816a713dfa261a7
Author: Campbell Barton
Date: Fri Apr 30 14:27:44 2021 +1000
Branches: blender-v2.93-release
https://developer.blender.org/rBd6b26b3fa0c46c6a9d9c9e5d3816a713dfa261a7
Fix potential buffer overrun in drw_shader_dependencies_get
Logical error let this function to write one past the buffer bounds.
===================================================================
M source/blender/draw/intern/draw_manager_shader.c
===================================================================
diff --git a/source/blender/draw/intern/draw_manager_shader.c b/source/blender/draw/intern/draw_manager_shader.c
index c93cbf16a30..2aad1f10154 100644
--- a/source/blender/draw/intern/draw_manager_shader.c
+++ b/source/blender/draw/intern/draw_manager_shader.c
@@ -606,10 +606,10 @@ static uint32_t drw_shader_dependencies_get(const DRWShaderLibrary *lib, const c
haystack += 16;
int dep = drw_shader_library_search(lib, haystack);
if (dep == -1) {
- char dbg_name[32];
+ char dbg_name[33];
int i = 0;
- while ((haystack[0] != ')') && (i < 31)) {
- dbg_name[i] = haystack[0];
+ while ((*haystack != ')') && (i < (sizeof(dbg_name) - 2))) {
+ dbg_name[i] = *haystack;
haystack++;
i++;
}
More information about the Bf-blender-cvs
mailing list