Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / angle / 30b604d8d17480bd519fb97ec817db1e4ca90f0e^! / . / src / libANGLE / validationES.cpp
commit30b604d8d17480bd519fb97ec817db1e4ca90f0e[log] [tgz]
authorJames Darpinian <jdarpinian@chromium.org>Mon Mar 12 17:26:57 2018 -0700
committerCommit Bot <commit-bot@chromium.org>Tue Apr 03 02:42:30 2018 +0000
tree1ce5bf41f2cf5956f100c8a54609f9e797c4e8e8
parent5a7e61bbda82122cab74d1a5b80d578c1980b493 [diff] [blame]
Check that transform feedback will not overflow its buffers.

Also fix the check for uniform buffer size to use the actual buffer
size instead of the size of the bound range.

Bug: 820639
Change-Id: Iaa2a617ee7ce5ce7cfabbf64bd1d6f8c82c46b65
Reviewed-on: https://chromium-review.googlesource.com/965627
Commit-Queue: James Darpinian <jdarpinian@chromium.org>
Reviewed-by: Jamie Madill <jmadill@chromium.org>

diff --git a/src/libANGLE/validationES.cpp b/src/libANGLE/validationES.cpp
index a8d2fe3..ada0959 100644
--- a/src/libANGLE/validationES.cpp
+++ b/src/libANGLE/validationES.cpp

@@ -19,6 +19,7 @@
 #include "libANGLE/Texture.h"
 #include "libANGLE/TransformFeedback.h"
 #include "libANGLE/VertexArray.h"
+#include "libANGLE/angletypes.h"
 #include "libANGLE/formatutils.h"
 #include "libANGLE/queryconversions.h"
 #include "libANGLE/validationES2.h"
@@ -2765,13 +2766,7 @@
             return false;
         }
 
-        size_t uniformBufferSize = uniformBuffer.getSize();
-        if (uniformBufferSize == 0)
-        {
-            // Bind the whole buffer.
-            uniformBufferSize = static_cast<size_t>(uniformBuffer->getSize());
-        }
-
+        size_t uniformBufferSize = GetBoundBufferAvailableSize(uniformBuffer);
         if (uniformBufferSize < uniformBlock.dataSize)
         {
             // undefined behaviour
@@ -2838,14 +2833,23 @@
     const State &state                          = context->getGLState();
     gl::TransformFeedback *curTransformFeedback = state.getCurrentTransformFeedback();
     if (curTransformFeedback && curTransformFeedback->isActive() &&
-        !curTransformFeedback->isPaused() && curTransformFeedback->getPrimitiveMode() != mode)
+        !curTransformFeedback->isPaused())
     {
-        // It is an invalid operation to call DrawArrays or DrawArraysInstanced with a draw mode
-        // that does not match the current transform feedback object's draw mode (if transform
-        // feedback
-        // is active), (3.0.2, section 2.14, pg 86)
-        ANGLE_VALIDATION_ERR(context, InvalidOperation(), InvalidDrawModeTransformFeedback);
-        return false;
+        if (curTransformFeedback->getPrimitiveMode() != mode)
+        {
+            // It is an invalid operation to call DrawArrays or DrawArraysInstanced with a draw mode
+            // that does not match the current transform feedback object's draw mode (if transform
+            // feedback
+            // is active), (3.0.2, section 2.14, pg 86)
+            ANGLE_VALIDATION_ERR(context, InvalidOperation(), InvalidDrawModeTransformFeedback);
+            return false;
+        }
+
+        if (!curTransformFeedback->checkBufferSpaceForDraw(count, primcount))
+        {
+            ANGLE_VALIDATION_ERR(context, InvalidOperation(), TransformFeedbackBufferTooSmall);
+            return false;
+        }
     }
 
     if (!ValidateDrawBase(context, mode, count))