Ben Clayton c33d10ae79 tint/resolver: Fix bad pointer deref (UAF)
Passing a dereferenced value from Hashmap::Find() directly into Hashmap::Add() is a potential cause of UAF, as the insertion may reallocate the map, invalidating the input reference.

I'll try to think of ways to make this foot-gun harder to do, but this CL fixes the immediate bug found by fuzzers.

Bug: chromium:1383755
Change-Id: I4f8b2fcb0745b008a47ef9947c330afb9ac4e78f
Reviewed-on: https://dawn-review.googlesource.com/c/dawn/+/110020
Kokoro: Kokoro <noreply+kokoro@google.com>
Reviewed-by: James Price <jrprice@google.com>
Commit-Queue: Ben Clayton <bclayton@google.com>
2022-11-13 18:26:25 +00:00


// Machine-mutated WGSL input: the identifiers and line breaks below are kept
// exactly as found and should not be tidied, renamed or re-wrapped.
// NOTE(review): presumably the fuzzer-found reproducer for the tint resolver
// use-after-free tracked as chromium:1383755 — confirm against the test path.
//
// TestDatabuMltin: four members, each an array of atomic<i32>, with element
// counts 9, 32772, 4 and 1. The first member's array type is deliberately
// left split across two lines (the closing '>' starts the second line).
struct TestDatabuMltin {functionatxa4 : array<atomic<i32>, 9
>, data : array<atomic<i32>, 32772>,
a : array<atomic<i32>, 4>,
dzet4rnaumtax2at : array<atomic<i32>, 1>,
}
// Tc65535tDtint_symbol_7ata: four members, each an array of atomic<i32>, with
// element counts 72365, 2, 3 and 35526. The last member's name begins with the
// letters "return" but is a single identifier token, not a keyword.
// The stray space in `atomic< i32>` is part of the input as found.
// NOTE(review): presumably mutated fuzzer output — keep byte-for-byte when
// using this as a regression case.
struct Tc65535tDtint_symbol_7ata {
dtma1atxa4 : array<atomic< i32>, 72365>,
hata : array<atomic<i32>, 2>,
a : array<atomic<i32>, 3>,
returnma3tatxa92233720368547R758p8 : array<atomic<i32>, 35526>,
}
// TzVfat0x32769tDvar: a single member, an array of 39611 atomic<i32> elements.
// The closing brace sits on the member's line; that layout is left as found.
struct TzVfat0x32769tDvar {
dmat2axat2 : array<atomic<i32>, 39611>, }
// TestDauiltin: three members, each an array of atomic<i32>, with element
// counts 9, 32742 and 4. As in TestDatabuMltin, the first member's array type
// is split across two lines.
// NOTE(review): looks like a mutated sibling of TestDatabuMltin (different
// names, 32742 instead of 32772, no fourth member). Presumably the number of
// distinct atomic-bearing structs matters to the resolver path under test,
// so confirm before trimming or merging declarations.
struct TestDauiltin {
dmat2a2axt : array<atomic<i32>, 9
>, data : array<atomic<i32>, 32742>,
a : array<atomic<i32>, 4>,
}
// Teec65538tDtint_sybom_l7ata: four members, each an array of atomic<i32>,
// with element counts 32768, 2, 5 and 1.
// The irregular spacing (`atomic< i32>`, `array< atomic`, `array <atomic`) is
// part of the input as found and is left untouched.
// One member name contains the builtin name "inverseSqrt" as a substring; it
// is still a single identifier token.
struct Teec65538tDtint_sybom_l7ata {
dmat1atxainverseSqrt4 : array<atomic< i32>, 32768>,
hata : array< atomic<i32>, 2>,
a : array <atomic<i32>, 5>,
dreturnmc4tax2at : array<atomic<i32>, 1>,
}
// Last struct in the visible listing: a single member, an array of 39711
// atomic<i32> elements. The long struct name embeds the fragments "vec4",
// "atomicMax" and "atomicMin" but is one identifier token.
// No variable or function in the visible listing refers to any of these
// structs. NOTE(review): presumably declaring them is enough to reach the
// resolver code under test — confirm.
struct TzfVatt0x0UDatasmvec65535tDtinvec4matomicMaxbol_fVatt0atomicMin3D9t672var {
dmat2axat1 : array<atomic<i32>, 39711>, }