wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 911850 - BindBufferRange should check for out-of-bounds range - r=jgilbert

Browse Source
This commit is contained in:
Benoit Jacob 2013-09-04 08:14:37 -04:00
parent d42c57edae
commit aa0bf1b2ae
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
content/canvas/src/WebGLContextBuffers.cpp
View File

@ -113,6 +113,12 @@ WebGLContext::BindBufferRange(WebGLenum target, WebGLuint index, WebGLBuffer* bu
} else if (target != buffer->Target()) { } else if (target != buffer->Target()) {
return ErrorInvalidOperation("bindBuffer: buffer already bound to a different target"); return ErrorInvalidOperation("bindBuffer: buffer already bound to a different target");
} }
CheckedInt<WebGLsizeiptr> checked_neededByteLength = CheckedInt<WebGLsizeiptr>(offset) + size;
if (!checked_neededByteLength.isValid() ||
checked_neededByteLength.value() > buffer->ByteLength())
{
return ErrorInvalidValue("bindBufferRange: invalid range");
}
} }
WebGLRefPtr<WebGLBuffer>* bufferSlot = GetBufferSlotByTarget(target, "bindBuffer"); WebGLRefPtr<WebGLBuffer>* bufferSlot = GetBufferSlotByTarget(target, "bindBuffer");