On Thu, 27 May 2021 at 04:15, Zebediah Figura <z.figura12(a)gmail.com> wrote:
+void CDECL wined3d_device_context_set_constant_buffers(struct wined3d_device_context *context, + enum wined3d_shader_type type, unsigned int start_idx, unsigned int count, + struct wined3d_buffer *const *buffers) { struct wined3d_state *state = context->state; - struct wined3d_buffer *prev; + unsigned int i;
- TRACE("context %p, type %#x, idx %u, buffer %p.\n", context, type, idx, buffer); + TRACE("context %p, type %#x, start_idx %u, count %u, buffers %p.\n", context, type, start_idx, count, buffers);
- if (idx >= MAX_CONSTANT_BUFFERS) + if (start_idx + count > MAX_CONSTANT_BUFFERS) { - WARN("Invalid constant buffer index %u.\n", idx); + WARN("Invalid constant buffer index %u, count %u.\n", start_idx, count); return; }

"start_idx + count" can overflow. Consider e.g. "start_idx == ~0u, count = 8;". We typically write such bound checks as "if (start_idx >= MAX_CONSTANT_BUFFERS || count > MAX_CONSTANT_BUFFERS - start_idx)". We could conceivably also use something like gcc's __builtin_uadd_overflow().
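
Review bot: the bound check "if (start_idx + count > MAX_CONSTANT_BUFFERS)" is evaluated in unsigned int, so a large start_idx wraps the sum to a small value and the WARN/return path is skipped. Test start_idx against MAX_CONSTANT_BUFFERS on its own first, then compare count against the remaining room, MAX_CONSTANT_BUFFERS - start_idx. The removed check rejected idx == MAX_CONSTANT_BUFFERS, while the new one lets start_idx == MAX_CONSTANT_BUFFERS through when count is 0; a comment saying whether an empty range at the end is meant to be accepted would help.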
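
The check from the patch next to the two overflow-safe forms named in the reply, run over boundary inputs. This is an added example, not Wine's code and not part of the original message. EXAMPLE_MAX (with the assumed value 15), the ok_* helpers and false_accepts are hypothetical names.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumed limit for this example; the real MAX_CONSTANT_BUFFERS value is not on the page. */
#define EXAMPLE_MAX 15u

/* Check as written in the patch: unsigned addition wraps modulo UINT_MAX + 1. */
static bool ok_wrapping(unsigned int start_idx, unsigned int count)
{
    return !(start_idx + count > EXAMPLE_MAX);
}

/* Subtraction form from the reply: no intermediate value can wrap. */
static bool ok_subtract(unsigned int start_idx, unsigned int count)
{
    return !(start_idx >= EXAMPLE_MAX || count > EXAMPLE_MAX - start_idx);
}

/* gcc/clang builtin: reports the wrap instead of hiding it. */
static bool ok_builtin(unsigned int start_idx, unsigned int count)
{
    unsigned int end;
    return !__builtin_uadd_overflow(start_idx, count, &end) && end <= EXAMPLE_MAX;
}

/* Count boundary inputs a check accepts although the true (64-bit) end is out of range. */
static unsigned int false_accepts(bool (*check)(unsigned int, unsigned int))
{
    static const unsigned int edge[] = {0, 1, 8, EXAMPLE_MAX - 1, EXAMPLE_MAX,
            EXAMPLE_MAX + 1, UINT_MAX - 7, UINT_MAX - 1, UINT_MAX};
    const size_t n = sizeof(edge) / sizeof(edge[0]);
    unsigned int bad = 0;

    for (size_t i = 0; i < n; ++i)
        for (size_t j = 0; j < n; ++j)
            if (check(edge[i], edge[j])
                    && (unsigned long long)edge[i] + edge[j] > EXAMPLE_MAX)
                ++bad;
    return bad;
}

int main(void)
{
    printf("wrapping accepts (~0u, 8): %d\n", ok_wrapping(~0u, 8));
    printf("false accepts: wrapping %u, subtract %u, builtin %u\n",
            false_accepts(ok_wrapping), false_accepts(ok_subtract), false_accepts(ok_builtin));
    return 0;
}
```

The two safe forms differ only for an empty range at the very end: ok_subtract rejects start_idx == EXAMPLE_MAX with count == 0, ok_builtin accepts it.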