[Mesa-dev] [PATCH] glsl: Catch subscripted calls to undeclared subroutines
George Barrett
bob at bob131.so
Sun Nov 19 10:55:10 UTC 2017
generate_array_index fails to check whether the target of a subroutine
call exists in the AST, potentially passing around null ir_rvalue
pointers eventuating in abort/segfault.
Fixes: fd01840c0bd3b22d058a65a17ad30e3b45813b60
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=100438
---
src/compiler/glsl/ast_function.cpp | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/compiler/glsl/ast_function.cpp b/src/compiler/glsl/ast_function.cpp
index d1596c272e..94e0a16a9c 100644
--- a/src/compiler/glsl/ast_function.cpp
+++ b/src/compiler/glsl/ast_function.cpp
@@ -676,8 +676,13 @@ generate_array_index(void *mem_ctx, exec_list *instructions,
ir_variable *sub_var = NULL;
*function_name = array->primary_expression.identifier;
- match_subroutine_by_name(*function_name, actual_parameters,
- state, &sub_var);
+ if (!match_subroutine_by_name(*function_name, actual_parameters,
+ state, &sub_var)) {
+ _mesa_glsl_error(&loc, state, "Unknown subroutine `%s'",
+ *function_name);
+ *function_name = NULL; /* indicate error condition to caller */
+ return NULL;
+ }
ir_rvalue *outer_array_idx = idx->hir(instructions, state);
return new(mem_ctx) ir_dereference_array(sub_var, outer_array_idx);
--
2.14.3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.freedesktop.org/archives/mesa-dev/attachments/20171119/d719e5f7/attachment.sig>
More information about the mesa-dev
mailing list