From 922435f279570bf0bc45da37418b421ebbdb85c4 Mon Sep 17 00:00:00 2001
From: Chia-I Wu <olvaffe@gmail.com>
Date: Wed, 4 Nov 2020 14:59:06 -0800
Subject: [PATCH] vrend: reject capset id 0

0 is never an invalid capset id.

For an invalid capset id, we have to assume caps points to a buffer of
size 0 (what vrend_renderer_get_cap_set reports).  We can't set
caps->max_version.

Signed-off-by: Chia-I Wu <olvaffe@gmail.com>
Reviewed-by: Gert Wollny <gert.wollny@collabra.com>
---
 src/vrend_renderer.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/vrend_renderer.c b/src/vrend_renderer.c
index 2b97c94..86e58d8 100644
--- a/src/vrend_renderer.c
+++ b/src/vrend_renderer.c
@@ -10145,18 +10145,18 @@ void vrend_renderer_fill_caps(uint32_t set, UNUSED uint32_t version,
    if (!caps)
       return;
 
-   if (set > 2) {
-      caps->max_version = 0;
-      return;
-   }
-
-   if (set == 1) {
+   switch (set) {
+   case VIRGL_RENDERER_CAPSET_VIRGL:
       memset(caps, 0, sizeof(struct virgl_caps_v1));
       caps->max_version = 1;
-   } else if (set == 2) {
+      break;
+   case VIRGL_RENDERER_CAPSET_VIRGL2:
       memset(caps, 0, sizeof(*caps));
       caps->max_version = 2;
       fill_capset2 = true;
+      break;
+   default:
+      return;
    }
 
    /* We don't want to deal with stale error states that the caller might not