diff options
| author | Samuel Rodal <samuel.rodal@digia.com> | 2013-04-19 16:06:14 (GMT) |
|---|---|---|
| committer | The Qt Project <gerrit-noreply@qt-project.org> | 2013-04-22 15:29:32 (GMT) |
| commit | ea1521a490e6e6c2830eb8e072e80c554a91a439 (patch) | |
| tree | c82fc5775be64aa25d120ff305c9adb54d083f3d /src | |
| parent | 3e4c589d2f067482e5c46180b48bc7a94a96c4e6 (diff) | |
| download | Qt-ea1521a490e6e6c2830eb8e072e80c554a91a439.zip Qt-ea1521a490e6e6c2830eb8e072e80c554a91a439.tar.gz Qt-ea1521a490e6e6c2830eb8e072e80c554a91a439.tar.bz2 | |
Fixed invalid memory read in SSSE3 image blending code.
We need to do bounds comparison on the actual offset we're going to use
with _mm_load_si128 to read 16 bytes from memory (even though we won't
use the trailing bytes in the end).
Task-number: QTBUG-28324
(cherry-picked from qtbase commit 52619ae7787b3c4febb73a02afa623b12edabc97)
Change-Id: I705ae191312e5ffe25e45caea71ada73ec97f68d
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/gui/painting/qdrawhelper_ssse3.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/gui/painting/qdrawhelper_ssse3.cpp b/src/gui/painting/qdrawhelper_ssse3.cpp index 33d436a..0c88850 100644 --- a/src/gui/painting/qdrawhelper_ssse3.cpp +++ b/src/gui/painting/qdrawhelper_ssse3.cpp @@ -60,7 +60,7 @@ inline static void blend_pixel(quint32 &dst, const quint32 src) shift (4, 8, 12). Checking the alignment inside the loop is unfortunatelly way too slow. */ #define BLENDING_LOOP(palignrOffset, length)\ - for (; x < length-3; x += 4) { \ + for (; x-minusOffsetToAlignSrcOn16Bytes < length-7; x += 4) { \ const __m128i srcVectorLastLoaded = _mm_load_si128((__m128i *)&src[x - minusOffsetToAlignSrcOn16Bytes + 4]);\ const __m128i srcVector = _mm_alignr_epi8(srcVectorLastLoaded, srcVectorPrevLoaded, palignrOffset); \ const __m128i srcVectorAlpha = _mm_and_si128(srcVector, alphaMask); \ |