From d16a73001fa937734f4e96b693f9e36627f4ac38 Mon Sep 17 00:00:00 2001 From: Anthony Ramine Date: Mon, 16 Apr 2018 16:23:13 +0200 Subject: [PATCH] Check the bound buffer element array only for count > 0 in gl.drawElements See https://www.khronos.org/registry/webgl/specs/latest/1.0/#6.2 --- .../script/dom/webglrenderingcontext.rs | 24 ++++++++++--------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/components/script/dom/webglrenderingcontext.rs b/components/script/dom/webglrenderingcontext.rs index 6529e94de6b..ce09fda8943 100644 --- a/components/script/dom/webglrenderingcontext.rs +++ b/components/script/dom/webglrenderingcontext.rs @@ -2183,19 +2183,21 @@ impl WebGLRenderingContextMethods for WebGLRenderingContext { return self.webgl_error(InvalidOperation); } - if let Some(array_buffer) = self.bound_buffer_element_array.get() { - // WebGL Spec: check buffer overflows, must be a valid multiple of the size. - let val = offset as u64 + (count as u64 * type_size as u64); - if val > array_buffer.capacity() as u64 { + if count > 0 { + if let Some(array_buffer) = self.bound_buffer_element_array.get() { + // WebGL Spec: check buffer overflows, must be a valid multiple of the size. + let val = offset as u64 + (count as u64 * type_size as u64); + if val > array_buffer.capacity() as u64 { + return self.webgl_error(InvalidOperation); + } + } else { + // From the WebGL spec + // + // a non-null WebGLBuffer must be bound to the ELEMENT_ARRAY_BUFFER binding point + // or an INVALID_OPERATION error will be generated. + // return self.webgl_error(InvalidOperation); } - } else { - // From the WebGL spec - // - // a non-null WebGLBuffer must be bound to the ELEMENT_ARRAY_BUFFER binding point - // or an INVALID_OPERATION error will be generated. - // - return self.webgl_error(InvalidOperation); } if !self.validate_framebuffer_complete() {