diff --git a/src/dawn_native/BindGroup.cpp b/src/dawn_native/BindGroup.cpp index 46336981cb..c81a2cca11 100644 --- a/src/dawn_native/BindGroup.cpp +++ b/src/dawn_native/BindGroup.cpp @@ -38,7 +38,14 @@ namespace dawn_native { DAWN_TRY(device->ValidateObject(binding.buffer)); uint64_t bufferSize = binding.buffer->GetSize(); - uint64_t bindingSize = (binding.size == wgpu::kWholeSize) ? bufferSize : binding.size; + + // Handle wgpu::WholeSize, avoiding overflows. + if (binding.offset > bufferSize) { + return DAWN_VALIDATION_ERROR("Buffer binding doesn't fit in the buffer"); + } + uint64_t bindingSize = + (binding.size == wgpu::kWholeSize) ? bufferSize - binding.offset : binding.size; + if (bindingSize > bufferSize) { return DAWN_VALIDATION_ERROR("Buffer binding size larger than the buffer"); } diff --git a/src/tests/unittests/validation/BindGroupValidationTests.cpp b/src/tests/unittests/validation/BindGroupValidationTests.cpp index 226e121441..acf4c60b65 100644 --- a/src/tests/unittests/validation/BindGroupValidationTests.cpp +++ b/src/tests/unittests/validation/BindGroupValidationTests.cpp @@ -429,6 +429,9 @@ TEST_F(BindGroupValidationTest, BufferBindingOOB) { utils::MakeBindGroup(device, layout, {{0, buffer, 0, 1024}}); utils::MakeBindGroup(device, layout, {{0, buffer, 0, wgpu::kWholeSize}}); + // Success case, whole size causes the rest of the buffer to be used but not beyond. + utils::MakeBindGroup(device, layout, {{0, buffer, 256, wgpu::kWholeSize}}); + // Error case, offset is OOB ASSERT_DEVICE_ERROR(utils::MakeBindGroup(device, layout, {{0, buffer, 256*5, 0}})); @@ -437,7 +440,6 @@ TEST_F(BindGroupValidationTest, BufferBindingOOB) { // Error case, offset+size is OOB ASSERT_DEVICE_ERROR(utils::MakeBindGroup(device, layout, {{0, buffer, 1024, 256}})); - ASSERT_DEVICE_ERROR(utils::MakeBindGroup(device, layout, {{0, buffer, 256, wgpu::kWholeSize}})); // Error case, offset+size overflows to be 0 ASSERT_DEVICE_ERROR(utils::MakeBindGroup(device, layout, {{0, buffer, 256, uint32_t(0) - uint32_t(256)}}));