[virglrenderer-devel] [PATCH] renderer: check for shader_text validity

Gert Wollny gert.wollny at collabora.com
Thu Aug 9 08:20:29 UTC 2018


Hello, 

Po-Hsien Wang asked me privately to comment on the previous version of
the patch that still checked pkt_length <= 0 (which I pointed out is
unsigned), but I didn't realize that (a) the pkt_length refers to
dwords, and (b) AFAICS only the final chunk will be null-terminated
when long shaders are sent in chunks. As it stands now all shaders will
be rejected by this test, and hence the patch should be reverted.

I'll have to look at this a little bit more, but for now I think that 
the better solution would be to simply force a null-termination of the
string before passing it into tgsi_text_translate.

Best, 
Gert

On Wednesday, 08.08.2018, at 11:08 -0700, Po-Hsien Wang wrote:
> Add check for nonterminated string passed into the create_shader
> code.
> 
> v3. Move some check to vrend_decode_create_shader
> TEST=compile and running with specific testcases.
> ---
>  src/vrend_decode.c   | 2 ++
>  src/vrend_renderer.c | 2 ++
>  2 files changed, 4 insertions(+)
> 
> diff --git a/src/vrend_decode.c b/src/vrend_decode.c
> index 06dad24..c75d732 100644
> --- a/src/vrend_decode.c
> +++ b/src/vrend_decode.c
> @@ -115,6 +115,8 @@ static int vrend_decode_create_shader(struct
> vrend_decode_ctx *ctx,
>       memset(&so_info, 0, sizeof(so_info));
>  
>     shd_text = get_buf_ptr(ctx, shader_offset);
> +   if (length < shader_offset) 
> +      return EINVAL;
>     ret = vrend_create_shader(ctx->grctx, handle, &so_info,
> req_local_mem, (const char *)shd_text, offlen, num_tokens, type,
> length - shader_offset + 1);
>  
>     return ret;
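
Review bot: the `length < shader_offset` test is placed after `shd_text = get_buf_ptr(ctx, shader_offset);`, so the pointer is already computed from an offset that has not been validated; move the test above that assignment. The last argument, `length - shader_offset + 1`, also needs its unit stated at the call site: the reply in this thread says the value counts dwords, while `shd_text` is cast to `const char *` and the callee uses the value as a character index. Either convert to bytes here or name and document the parameter so the callee cannot mistake it for a byte length.
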
> diff --git a/src/vrend_renderer.c b/src/vrend_renderer.c
> index 7c70b50..c969466 100644
> --- a/src/vrend_renderer.c
> +++ b/src/vrend_renderer.c
> @@ -2931,6 +2931,8 @@ int vrend_create_shader(struct vrend_context
> *ctx,
>  
>     if (type > PIPE_SHADER_COMPUTE)
>        return EINVAL;
> +   if (pkt_length == 0pkt_length == 0 || shd_text[pkt_length - 1] !=
> '\0')
> +      return EINVAL;
>  
>     if (!has_feature(feat_geometry_shader) &&
>         type == PIPE_SHADER_GEOMETRY)
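
Review bot: the added condition indexes `shd_text[pkt_length - 1]`, a `const char *`, with a value that the reply in this thread identifies as a dword count, so the byte it inspects is not the last byte of the text. As posted, the line also reads `pkt_length == 0pkt_length == 0 ||`, which does not compile; it should be a single `pkt_length == 0 ||`. Requiring a terminator on every call also conflicts with the chunked-upload case raised in the reply, where only the final chunk is said to end in `'\0'`. Suggest checking termination only once the full shader text has been assembled, or forcing a terminator before the text reaches `tgsi_text_translate` as the reply proposes, and adding a comment that states the unit of `pkt_length`.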

