diff options
author | Jamie Madill <jmadill@chromium.org> | 2014-09-19 13:17:51 -0400 |
---|---|---|
committer | Jamie Madill <jmadill@chromium.org> | 2014-09-19 18:50:53 +0000 |
commit | ee009b8ee5f35dc6cca44a30d4d6c9c65cfdb0a7 (patch) | |
tree | 0ebeb9afb7ef8cab7effee83a553f615ba7a944e /src/libGLESv2/renderer | |
parent | 2f06dbfb3f4bd815a3fe5b52638b091c1e356a04 (diff) | |
download | angle-ee009b8ee5f35dc6cca44a30d4d6c9c65cfdb0a7.tar.gz |
Fix a NULL dereference on buffer initialization.
In some cases, where the user would create a buffer with NULL (empty)
data, we would attempt to dereference NULL when drawing with the
buffer as a vertex attribute.
BUG=angle:749
Change-Id: Ied5ecbab4608c85890cdf7cc32a8dae46989e33b
Reviewed-on: https://chromium-review.googlesource.com/219090
Tested-by: Jamie Madill <jmadill@chromium.org>
Reviewed-by: Shannon Woods <shannonwoods@chromium.org>
Diffstat (limited to 'src/libGLESv2/renderer')
-rw-r--r-- | src/libGLESv2/renderer/d3d/MemoryBuffer.cpp | 2 | ||||
-rw-r--r-- | src/libGLESv2/renderer/d3d/MemoryBuffer.h | 1 | ||||
-rw-r--r-- | src/libGLESv2/renderer/d3d/d3d11/Buffer11.cpp | 11 |
3 files changed, 14 insertions, 0 deletions
diff --git a/src/libGLESv2/renderer/d3d/MemoryBuffer.cpp b/src/libGLESv2/renderer/d3d/MemoryBuffer.cpp index 301bbe8d..2b5b09a3 100644 --- a/src/libGLESv2/renderer/d3d/MemoryBuffer.cpp +++ b/src/libGLESv2/renderer/d3d/MemoryBuffer.cpp @@ -5,6 +5,7 @@ // #include "libGLESv2/renderer/d3d/MemoryBuffer.h" +#include "common/debug.h" #include <algorithm> #include <cstdlib> @@ -66,6 +67,7 @@ const uint8_t *MemoryBuffer::data() const uint8_t *MemoryBuffer::data() { + ASSERT(mData); return mData; } diff --git a/src/libGLESv2/renderer/d3d/MemoryBuffer.h b/src/libGLESv2/renderer/d3d/MemoryBuffer.h index 2484c074..c65f79fe 100644 --- a/src/libGLESv2/renderer/d3d/MemoryBuffer.h +++ b/src/libGLESv2/renderer/d3d/MemoryBuffer.h @@ -21,6 +21,7 @@ class MemoryBuffer bool resize(size_t size); size_t size() const; + bool empty() const { return mSize == 0; } const uint8_t *data() const; uint8_t *data(); diff --git a/src/libGLESv2/renderer/d3d/d3d11/Buffer11.cpp b/src/libGLESv2/renderer/d3d/d3d11/Buffer11.cpp index c612ddd0..43ce5ba8 100644 --- a/src/libGLESv2/renderer/d3d/d3d11/Buffer11.cpp +++ b/src/libGLESv2/renderer/d3d/d3d11/Buffer11.cpp @@ -233,6 +233,17 @@ void *Buffer11::getData() mReadUsageCount = 0; + // Only happens if we initialized the buffer with no data (NULL) + if (mResolvedData.empty()) + { + if (!mResolvedData.resize(mSize)) + { + return gl::error(GL_OUT_OF_MEMORY, (void*)NULL); + } + } + + ASSERT(mResolvedData.size() >= mSize); + return mResolvedData.data(); } |