From 3b579d69622d53b95c6259daf0ecb4f5d2b1798b Mon Sep 17 00:00:00 2001
From: Carl Worth
Date: Fri, 25 Oct 2013 15:34:17 -0700
Subject: [PATCH] Fix buffer overrun in accumulate_program_metrics

The convention for the op_metrics array in the context is that callers do not index it directly, but instead call ctx_get_op_metrics (which will grow tha array if needed first).
---
 metrics.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/metrics.c b/metrics.c
index c24ae3f..9f66ded 100644
--- a/metrics.c
+++ b/metrics.c
@@ -532,6 +532,7 @@ accumulate_program_metrics (metrics_op_t op, GLuint *result, GLuint size)
 context_t *ctx = ¤t_context;
 metrics_info_t *info = &ctx->metrics_info;
+ op_metrics_t *metrics = ctx_get_op_metrics (ctx, op);
 unsigned char *p = (unsigned char *) result;
 while (p < ((unsigned char *) result) + size)
@@ -585,7 +586,7 @@ accumulate_program_metrics (metrics_op_t op, GLuint *result, GLuint size)
 break;
 }
- ctx->op_metrics[op].counters[group_index][counter_index] += value;
+ metrics->counters[group_index][counter_index] += value;
 }
 }
--
2.43.0
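Review bot: The `metrics` pointer fetched at the top of accumulate_program_metrics is held across the whole `while` loop, so it stays valid only if nothing inside the loop can grow ctx->op_metrics again. The commit message says ctx_get_op_metrics may grow the array, which presumably means it can be reallocated and moved. Most of the loop body lies outside this hunk, so this cannot be confirmed here. A comment on the new line would record the assumption: `/* Valid only until the next ctx_get_op_metrics call, which may grow and move the array. */`. The result is also used without a check, so if ctx_get_op_metrics can return NULL on a failed grow, that should be handled before the loop.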
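Review bot: The write `metrics->counters[group_index][counter_index] += value` is now bounded in the `op` dimension, but it still trusts group_index and counter_index, which appear to be derived from the contents of `result`. The code that computes them is outside this hunk, so it is not visible whether they are checked against the allocated counter table. If they are not, the same class of overrun remains for a malformed or unexpected result buffer. A guard or assertion directly before the write would make the invariant explicit, with a comment such as `/* group_index and counter_index must be within the bounds of metrics->counters */`.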