diff options
| author | Graham Madarasz (Graham) <graham@lindenlab.com> | 2013-03-04 11:17:17 -0800 |
|---|---|---|
| committer | Graham Madarasz (Graham) <graham@lindenlab.com> | 2013-03-04 11:17:17 -0800 |
| commit | 200df870f929080e42ac07e3b2cac55ef3a7aaf2 (patch) | |
| tree | d6d33d50c459f1eac2622211c2b72879ce546a55 /indra/newview | |
| parent | 4e81a84abd2c928dbdc6c4e2a3a348494d205edf (diff) | |
| parent | e7e617f42351876e3d003f885e89d19a02ab6f48 (diff) | |
For MAINT-2303 Fix potential stack smash in llvovolume. Code Review: DaveP
Diffstat (limited to 'indra/newview')
| -rw-r--r-- | indra/newview/llvovolume.cpp | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/indra/newview/llvovolume.cpp b/indra/newview/llvovolume.cpp index 6a18534484..895808d225 100644 --- a/indra/newview/llvovolume.cpp +++ b/indra/newview/llvovolume.cpp @@ -3849,7 +3849,8 @@ void LLRiggedVolume::update(const LLMeshSkinInfo* skin, LLVOAvatar* avatar, cons LLMatrix4a mp[64]; LLMatrix4* mat = (LLMatrix4*) mp; - for (U32 j = 0; j < skin->mJointNames.size(); ++j) + U32 maxJoints = llmin(skin->mJointNames.size(), 64); + for (U32 j = 0; j < maxJoints; ++j) { LLJoint* joint = avatar->getJoint(skin->mJointNames[j]); if (joint) @@ -3904,8 +3905,11 @@ void LLRiggedVolume::update(const LLMeshSkinInfo* skin, LLVOAvatar* avatar, cons F32 w = wght[k]; LLMatrix4a src; + // Insure ref'd bone is in our clamped array of mats + llassert(idx[k] < 64); + // don't read garbage off the stack in release + if (idx[k] < 64) src.setMul(mp[idx[k]], w); - final_mat.add(src); } @@ -5042,8 +5046,8 @@ void LLVolumeGeometryManager::genDrawInfo(LLSpatialGroup* group, U32 mask, std:: flexi = flexi || facep->getViewerObject()->getVolume()->isUnique(); } + } } - } if (flexi && buffer_usage && buffer_usage != GL_STREAM_DRAW_ARB) |