[PATCH vkd3d 3/5] libs/vkd3d-shader: Validate DXBC data size.
Józef Kucia
joseph.kucia at gmail.com
Wed Apr 11 06:21:41 CDT 2018
From: Józef Kucia <jkucia at codeweavers.com>
Signed-off-by: Józef Kucia <jkucia at codeweavers.com>
---
libs/vkd3d-shader/dxbc.c | 12 +++++++++---
libs/vkd3d-shader/vkd3d_shader_private.h | 1 +
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/libs/vkd3d-shader/dxbc.c b/libs/vkd3d-shader/dxbc.c
index 49e2c5020fee..0b5c3cf38076 100644
--- a/libs/vkd3d-shader/dxbc.c
+++ b/libs/vkd3d-shader/dxbc.c
@@ -1808,7 +1808,7 @@ static const char *shader_get_string(const char *data, size_t data_size, DWORD o
return data + offset;
}
-static int parse_dxbc(const char *data, SIZE_T data_size,
+static int parse_dxbc(const char *data, size_t data_size,
int (*chunk_handler)(const char *data, DWORD data_size, DWORD tag, void *ctx), void *ctx)
{
const char *ptr = data;
@@ -1819,6 +1819,12 @@ static int parse_dxbc(const char *data, SIZE_T data_size,
DWORD version;
DWORD tag;
+ if (data_size < VKD3D_DXBC_HEADER_SIZE)
+ {
+ WARN("Invalid data size %zu.\n", data_size);
+ return VKD3D_ERROR_INVALID_ARGUMENT;
+ }
+
read_dword(&ptr, &tag);
TRACE("tag: %#x.\n", tag);
@@ -1856,7 +1862,7 @@ static int parse_dxbc(const char *data, SIZE_T data_size,
if (chunk_offset >= data_size || !require_space(chunk_offset, 2, sizeof(DWORD), data_size))
{
- WARN("Invalid chunk offset %#x (data size %#lx).\n", chunk_offset, data_size);
+ WARN("Invalid chunk offset %#x (data size %zu).\n", chunk_offset, data_size);
return VKD3D_ERROR_INVALID_ARGUMENT;
}
@@ -1867,7 +1873,7 @@ static int parse_dxbc(const char *data, SIZE_T data_size,
if (!require_space(chunk_ptr - data, 1, chunk_size, data_size))
{
- WARN("Invalid chunk size %#x (data size %#lx, chunk offset %#x).\n",
+ WARN("Invalid chunk size %#x (data size %zu, chunk offset %#x).\n",
chunk_size, data_size, chunk_offset);
return VKD3D_ERROR_INVALID_ARGUMENT;
}
diff --git a/libs/vkd3d-shader/vkd3d_shader_private.h b/libs/vkd3d-shader/vkd3d_shader_private.h
index 9c43a461f29b..04e6b0961281 100644
--- a/libs/vkd3d-shader/vkd3d_shader_private.h
+++ b/libs/vkd3d-shader/vkd3d_shader_private.h
@@ -858,5 +858,6 @@ static inline unsigned int vkd3d_swizzle_get_component(DWORD swizzle,
}
#define VKD3D_DXBC_MAX_SOURCE_COUNT 6
+#define VKD3D_DXBC_HEADER_SIZE (8 * sizeof(uint32_t))
#endif /* __VKD3D_SHADER_PRIVATE_H */
--
2.16.1
More information about the wine-devel
mailing list