Mesa (master): nir/serialize: Prevent writing uninitialized state_slot data

GitLab Mirror gitlab-mirror at kemper.freedesktop.org
Mon Mar 11 14:21:23 UTC 2019 

Module: Mesa
Branch: master
Commit: d086d16b8165244db53f20dbf60c921f4bb38f38
URL:    http://cgit.freedesktop.org/mesa/mesa/commit/?id=d086d16b8165244db53f20dbf60c921f4bb38f38

Author: Connor Abbott <cwabbott0 at gmail.com>
Date:   Fri Mar  8 13:05:53 2019 +0100

nir/serialize: Prevent writing uninitialized state_slot data

The nir_state_slot struct had some padding that was never initialized.
Serializing the individual parts of the struct is more robust and avoids
the overhead of zeroing it at creation, so just do that.

Reviewed-by: Jason Ekstrand <jason at jlekstrand.net>

---

 src/compiler/nir/nir_serialize.c | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/src/compiler/nir/nir_serialize.c b/src/compiler/nir/nir_serialize.c
index 743eeaed3d5..840a1572786 100644
--- a/src/compiler/nir/nir_serialize.c
+++ b/src/compiler/nir/nir_serialize.c
@@ -141,8 +141,11 @@ write_variable(write_ctx *ctx, const nir_variable *var)
       blob_write_string(ctx->blob, var->name);
    blob_write_bytes(ctx->blob, (uint8_t *) &var->data, sizeof(var->data));
    blob_write_uint32(ctx->blob, var->num_state_slots);
-   blob_write_bytes(ctx->blob, (uint8_t *) var->state_slots,
-                    var->num_state_slots * sizeof(nir_state_slot));
+   for (unsigned i = 0; i < var->num_state_slots; i++) {
+      for (unsigned j = 0; j < STATE_LENGTH; j++)
+         blob_write_uint32(ctx->blob, var->state_slots[i].tokens[j]);
+      blob_write_uint32(ctx->blob, var->state_slots[i].swizzle);
+   }
    blob_write_uint32(ctx->blob, !!(var->constant_initializer));
    if (var->constant_initializer)
       write_constant(ctx, var->constant_initializer);
@@ -172,9 +175,15 @@ read_variable(read_ctx *ctx)
    }
    blob_copy_bytes(ctx->blob, (uint8_t *) &var->data, sizeof(var->data));
    var->num_state_slots = blob_read_uint32(ctx->blob);
-   var->state_slots = ralloc_array(var, nir_state_slot, var->num_state_slots);
-   blob_copy_bytes(ctx->blob, (uint8_t *) var->state_slots,
-                   var->num_state_slots * sizeof(nir_state_slot));
+   if (var->num_state_slots != 0) {
+      var->state_slots = ralloc_array(var, nir_state_slot,
+                                      var->num_state_slots);
+      for (unsigned i = 0; i < var->num_state_slots; i++) {
+         for (unsigned j = 0; j < STATE_LENGTH; j++)
+            var->state_slots[i].tokens[j] = blob_read_uint32(ctx->blob);
+         var->state_slots[i].swizzle = blob_read_uint32(ctx->blob);
+      }
+   }
    bool has_const_initializer = blob_read_uint32(ctx->blob);
    if (has_const_initializer)
       var->constant_initializer = read_constant(ctx, var);

More information about the mesa-commit mailing list