Fixed invalid memory read in SSSE3 image blending code.

We need to do bounds comparison on the actual offset we're going to use with _mm_load_si128 to read 16 bytes from memory (even though we won't use the trailing bytes in the end). Task-number: QTBUG-28324 Change-Id: Id0d6094da796ca67338d8ad225fa6b2f309bbe6e Reviewed-by: Olivier Goffart <ogoffart@woboq.com>
author: Samuel Rødal <samuel.rodal@digia.com> 2012-12-14 10:52:47 +0100
committer: The Qt Project <gerrit-noreply@qt-project.org> 2012-12-14 17:12:44 +0100
commit: 52619ae7787b3c4febb73a02afa623b12edabc97 (patch)
tree: 6a2d25bfbe59a1ca73c37bddf82ee11fbe8037c9 /src/gui/painting/qdrawhelper_ssse3.cpp
parent: 7ca226c9512e8f1d11e428b24e9f91c81ad4cbe7 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/gui/painting/qdrawhelper_ssse3.cpp b/src/gui/painting/qdrawhelper_ssse3.cpp
index 09e0516dcb..9f80c70fcc 100644
--- a/src/gui/painting/qdrawhelper_ssse3.cpp
+++ b/src/gui/painting/qdrawhelper_ssse3.cpp
@@ -60,7 +60,7 @@ inline static void blend_pixel(quint32 &dst, const quint32 src)
    shift (4, 8, 12). Checking the alignment inside the loop is unfortunatelly way too slow.
  */
 #define BLENDING_LOOP(palignrOffset, length)\
-    for (; x < length-3; x += 4) { \
+    for (; x-minusOffsetToAlignSrcOn16Bytes < length-7; x += 4) { \
         const __m128i srcVectorLastLoaded = _mm_load_si128((__m128i *)&src[x - minusOffsetToAlignSrcOn16Bytes + 4]);\
         const __m128i srcVector = _mm_alignr_epi8(srcVectorLastLoaded, srcVectorPrevLoaded, palignrOffset); \
         const __m128i srcVectorAlpha = _mm_and_si128(srcVector, alphaMask); \
author	Samuel Rødal <samuel.rodal@digia.com>	2012-12-14 10:52:47 +0100
committer	The Qt Project <gerrit-noreply@qt-project.org>	2012-12-14 17:12:44 +0100
commit	52619ae7787b3c4febb73a02afa623b12edabc97 (patch)
tree	6a2d25bfbe59a1ca73c37bddf82ee11fbe8037c9 /src/gui/painting/qdrawhelper_ssse3.cpp
parent	7ca226c9512e8f1d11e428b24e9f91c81ad4cbe7 (diff)