Stefan Dirsch
756b7868e8
0002-egl-wayland-only-supply-LINEAR-modifier-when-support.patch
0003-egl-wayland-fallback-to-implicit-modifiers-if-advert.patch
* fixes mesa 24.3.1 gallium crash/segfault on GPUs without
format modifiers (mesa issue#12253, mesa MR#32535, boo#1234302)
OBS-URL: https://build.opensuse.org/package/show/X11:XOrg/Mesa?expand=0&rev=1354
34 lines
1.3 KiB
Diff
34 lines
1.3 KiB
Diff
src/glx/glx_query.c | 13 +++++++++++++
|
|
1 file changed, 13 insertions(+)
|
|
Index: mesa-24.3.0-rc1/src/glx/glx_query.c
|
|
===================================================================
|
|
--- mesa-24.3.0-rc1.orig/src/glx/glx_query.c
|
|
+++ mesa-24.3.0-rc1/src/glx/glx_query.c
|
|
@@ -56,6 +56,13 @@ __glXQueryServerString(Display * dpy, CA
|
|
/* The spec doesn't mention this, but the Xorg server replies with
|
|
* a string already terminated with '\0'. */
|
|
uint32_t len = xcb_glx_query_server_string_string_length(reply);
|
|
+ /* Allow a max of 64kb string length */
|
|
+ size_t reply_len = strnlen(xcb_glx_query_server_string_string(reply), 64*1024);
|
|
+ if (reply_len + 1 != len)
|
|
+ {
|
|
+ free(reply);
|
|
+ return(NULL);
|
|
+ }
|
|
char *buf = malloc(len);
|
|
memcpy(buf, xcb_glx_query_server_string_string(reply), len);
|
|
free(reply);
|
|
@@ -83,6 +90,12 @@ __glXGetString(Display * dpy, CARD32 con
|
|
/* The spec doesn't mention this, but the Xorg server replies with
|
|
* a string already terminated with '\0'. */
|
|
uint32_t len = xcb_glx_get_string_string_length(reply);
|
|
+ size_t reply_len = strnlen(xcb_glx_get_string_string(reply), 64*1024);
|
|
+ if (reply_len + 1 != len)
|
|
+ {
|
|
+ free(reply);
|
|
+ return(NULL);
|
|
+ }
|
|
char *buf = malloc(len);
|
|
memcpy(buf, xcb_glx_get_string_string(reply), len);
|
|
free(reply);
|