util: Limit the stack walk to avoid referencing undefined memory.

author: José Fonseca <jfonseca@vmware.com> 2009-04-30 13:10:58 +0100
committer: Keith Whitwell <keithw@vmware.com> 2009-05-08 14:57:27 +0100
commit: be3f9dd26cf59cadc21e4d5cc27dd199c9752b1c (patch)
tree: e7ef76ab8b2e77ad1212ad2ca55322fa436141d1 /src/gallium/auxiliary
parent: f628d7f5eebe9743f85ea8edf7c09b32cf393e4a (diff)
1 files changed, 10 insertions, 1 deletions
diff --git a/src/gallium/auxiliary/util/u_debug_stack.c b/src/gallium/auxiliary/util/u_debug_stack.c
index e9891fde8a..528a1c394b 100644
--- a/src/gallium/auxiliary/util/u_debug_stack.c
+++ b/src/gallium/auxiliary/util/u_debug_stack.c
@@ -62,6 +62,8 @@ debug_backtrace_capture(struct debug_stack_frame *backtrace,
    
 #ifdef PIPE_ARCH_X86
    while(nr_frames) {
+      const void **next_frame_pointer;
+
       if(!frame_pointer)
          break;
       
@@ -72,7 +74,14 @@ debug_backtrace_capture(struct debug_stack_frame *backtrace,
          --nr_frames;
       }
       
-      frame_pointer = (const void **)frame_pointer[0];
+      next_frame_pointer = (const void **)frame_pointer[0];
+      
+      /* Limit the stack walk to avoid referencing undefined memory */
+      if((uintptr_t)next_frame_pointer <= (uintptr_t)frame_pointer ||
+         (uintptr_t)next_frame_pointer > (uintptr_t)frame_pointer + 64*1024)
+         break;
+      
+      frame_pointer = next_frame_pointer;
    }
 #endif
author	José Fonseca <jfonseca@vmware.com>	2009-04-30 13:10:58 +0100
committer	Keith Whitwell <keithw@vmware.com>	2009-05-08 14:57:27 +0100
commit	be3f9dd26cf59cadc21e4d5cc27dd199c9752b1c (patch)
tree	e7ef76ab8b2e77ad1212ad2ca55322fa436141d1 /src/gallium/auxiliary
parent	f628d7f5eebe9743f85ea8edf7c09b32cf393e4a (diff)