From ad4f0f1941677c6cd78bcd14348cd99ae7dd7527 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= Date: Tue, 19 Jan 2016 14:37:50 +0100 Subject: [PATCH] renderer: reject large LOD values MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Or we could sit for a very long time in some further loops. Fix found thanks to american fuzzy lop. Signed-off-by: Marc-André Lureau --- src/vrend_renderer.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/vrend_renderer.c b/src/vrend_renderer.c index 5374f09..ab60729 100644 --- a/src/vrend_renderer.c +++ b/src/vrend_renderer.c @@ -3935,6 +3935,8 @@ static int check_resource_valid(struct vrend_renderer_resource_create_args *args /* buffer and rect textures can't have mipmaps */ if (args->target == PIPE_BUFFER || args->target == PIPE_TEXTURE_RECT) return -1; + if (args->last_level > (floor(log2(MAX2(args->width, args->width))) + 1)) + return -1; } if (args->flags != 0 && args->flags != VIRGL_RESOURCE_Y_0_TOP) return -1;