Add memory bounds-check when expanding points, rects and lines to triangles #18184
Conversation
…offset instead of the pointer.
|
Since the changes only touch the software transform path, and are rather minimal, I wouldn't expect any performance loss. Self-reviewed it again, decided I'll get it in. |
| u16 *newInds = inds + vertexCount; | ||
| u16 *indsOut = newInds; | ||
| const u16 *indsIn = (const u16 *)(inds + indsOffset); | ||
| int newIndsOffset = indsOffset + vertexCount; |
There was a problem hiding this comment.
Won't this not add enough space to not overlap? Not sure if maybe it's still safe. Before it was (u16 *)x + y aka x + y * 2 and now it's x + y. Also in other places here.
-[Unknown]
There was a problem hiding this comment.
Oh duh, sloppy of me to miss. My test cases still worked somehow though..
There was a problem hiding this comment.
Actually hm, indsOffset is in 16-bit units here, since we just after add it to a u16*. But I think there might be some unclarity here, will check it all.
There was a problem hiding this comment.
Oh, I thought one of these had been changed to a u8 because of the cast, I guess. My mistake.
-[Unknown]
There was a problem hiding this comment.
Well, something was indeed wrong and I had to revert, but maybe not here. Will redo this later.
Revert "Merge pull request #18184 from hrydgard/expand-lines-mem-fix"
I keep seeing a Google Play crash report pointing to ExpandLines, it's not super common, but it should be readily fixable. My guess is that it happens when a game has already gone off-trails and is executing garbage data, since such huge line draws seem weird, but who knows.
I did this change a long time ago but never got it in for some reason. This does a little refactoring and then fixes it, I believe.
Not sure if I should push it into 1.16.3. Maybe...