Avoid uninitialized access to instruction opcode (#4673)

Ensures that the instruction's opcode is set to something default when
parsing the module with --preserve-numeric-ids enabled. This avoids
uninitialized accesses and knock-on buffer overflows.

Fixes #4672.
Alastair Donaldson 2022-01-04 17:33:33 +00:00 committed by GitHub
parent df2aad68b9
commit 75e53b9f68

@ -715,6 +715,12 @@ spv_result_t GetNumericIds(const spvtools::AssemblyGrammar& grammar,
while (context.hasText()) {
spv_instruction_t inst;
// Operand parsing sometimes involves knowing the opcode of the instruction
// being parsed. A malformed input might feature such an operand *before*
// the opcode is known. To guard against accessing an uninitialized opcode,
// the instruction's opcode is initialized to a default value.
inst.opcode = SpvOpMax;
if (spvTextEncodeOpcode(grammar, &context, &inst)) {
return SPV_ERROR_INVALID_TEXT;
}
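Review bot: the sentinel on `inst.opcode = SpvOpMax;` only closes the hole if every operand-parsing path that reads the opcode before `spvTextEncodeOpcode` has set it treats `SpvOpMax` as "opcode not yet known" and fails cleanly; if any of those paths uses the opcode as a table index, `SpvOpMax` is still out of range and the knock-on overflow the commit message describes just moves rather than disappears. Please confirm those consumers check for the sentinel, and consider value-initializing the whole record (`spv_instruction_t inst = {};`) before assigning the opcode, since `spv_instruction_t` is a plain struct and the other fields are left uninitialized by this hunk. This loop is the only one guarded here; any other site in the file that constructs an `spv_instruction_t` and then calls `spvTextEncodeOpcode` needs the same default. Finally, the change claims to fix #4672 but the diff shown carries no regression test; a malformed-input case run with --preserve-numeric-ids would pin the fix down.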