Before putting data into a buffer, we have to make sure that the data size is smaller than not only the buffer's full size but also the buffer's empty size.
https://bugs.freedesktop.org/show_bug.cgi?id=102690 Signed-off-by: Boram Park <[email protected]> Acked-by: Pekka Paalanen <[email protected]> --- src/connection.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/connection.c b/src/connection.c index 5c3d187..53b1621 100644 --- a/src/connection.c +++ b/src/connection.c @@ -63,14 +63,17 @@ struct wl_connection { int want_flush; }; +static uint32_t wl_buffer_size(struct wl_buffer *b); + static int wl_buffer_put(struct wl_buffer *b, const void *data, size_t count) { - uint32_t head, size; + uint32_t head, size, empty; - if (count > sizeof(b->data)) { + empty = sizeof(b->data) - wl_buffer_size(b); + if (count > empty) { wl_log("Data too big for buffer (%d > %d).\n", - count, sizeof(b->data)); + count, empty); errno = E2BIG; return -1; } -- 1.9.1 _______________________________________________ wayland-devel mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/wayland-devel
