RFR: 8289697: buffer overflow in MTLVertexCache.m: MTLVertexCache_AddGlyphQuad [v2]
Phil Race
prr at openjdk.org
Tue Jul 5 19:05:29 UTC 2022
On Tue, 5 Jul 2022 11:31:38 GMT, Vladimir Kempik <vkempik at openjdk.org> wrote:
>> Please review this simple patch. When running idea on jdk17 with asan I have found this buffer overflow.
>> The code checks the cache for at least one free element, while placing 6 elements to the cache.
>> The fix checks the presence of 6 free elements.
>
> Vladimir Kempik has updated the pull request incrementally with one additional commit since the last revision:
>
> Add the check to one more place
Are there any other cases like this ? We should look around. (PS I see Ajit asked the same question and perhaps even answered it !)
Did you find this by inspection or did you hit it ?
Can we use a defined constant instead of "6" ?
-------------
PR: https://git.openjdk.org/jdk/pull/9368
More information about the client-libs-dev
mailing list