RESOLVED FIXED 169798
WebGL: Improve index validation when using uint index values
https://bugs.webkit.org/show_bug.cgi?id=169798
Dean Jackson
Reported 2017-03-16 17:05:01 PDT
WebGL: Improve index validation when using uint index values
Attachments
Patch (13.44 KB, patch)
2017-03-16 17:10 PDT, Dean Jackson
no flags
Patch (13.73 KB, patch)
2017-03-16 17:34 PDT, Dean Jackson
simon.fraser: review+
Dean Jackson
Comment 1 2017-03-16 17:05:50 PDT
Dean Jackson
Comment 2 2017-03-16 17:10:28 PDT
Simon Fraser (smfr)
Comment 3 2017-03-16 17:15:22 PDT
Comment on attachment 304725
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=304725&action=review

> Source/WebCore/html/canvas/WebGL2RenderingContext.cpp:1758
> + maxIndex = std::max(maxIndex.value(), static_cast<unsigned>(p[i]));

Won't maxIndex.value() assert the first time you use it because the optional is still nullopt?
Dean Jackson
Comment 4 2017-03-16 17:34:26 PDT
Simon Fraser (smfr)
Comment 5 2017-03-16 17:36:59 PDT
Comment on attachment 304728
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=304728&action=review

> Source/WebCore/html/canvas/WebGL2RenderingContext.cpp:1782
> + if (maxIndex) {

You could early return here: if (!maxIndex) return false;

> Source/WebCore/html/canvas/WebGLRenderingContext.cpp:757
> + std::optional<unsigned> maxIndex = elementArrayBuffer->getCachedMaxIndex(type);

Why am I seeing all this code twice?
Dean Jackson
Comment 6 2017-03-16 17:51:51 PDT
Dean Jackson
Comment 7 2017-03-16 17:52:44 PDT
Comment on attachment 304728
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=304728&action=review

>> Source/WebCore/html/canvas/WebGL2RenderingContext.cpp:1782
>> + if (maxIndex) {
>
> You could early return here: if (!maxIndex) return false;

done.

>> Source/WebCore/html/canvas/WebGLRenderingContext.cpp:757
>> + std::optional<unsigned> maxIndex = elementArrayBuffer->getCachedMaxIndex(type);
>
> Why am I seeing all this code twice?

Blame myles :) I think we could share most of it.
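The two points raised in review above (reading an optional accumulator before it holds a value, and returning early when no maximum index is known), as an added sketch that is not part of the thread and not WebKit's code. `computeMaxIndex`, `validateIndices` and the `vertexCount` parameter are hypothetical names, and the index arrays in `main` are constructed samples.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <optional>

// Hypothetical helper: largest index in a uint index buffer,
// or nullopt when the buffer holds no indices.
std::optional<unsigned> computeMaxIndex(const uint32_t* p, size_t count)
{
    std::optional<unsigned> maxIndex;
    for (size_t i = 0; i < count; ++i) {
        unsigned v = static_cast<unsigned>(p[i]);
        // Seed the optional on first use instead of calling value()
        // while it is still nullopt.
        maxIndex = maxIndex ? std::max(*maxIndex, v) : v;
    }
    return maxIndex;
}

// Hypothetical check: true only when every index addresses one of
// vertexCount available vertices (assumed to come from the bound buffers).
bool validateIndices(const uint32_t* p, size_t count, unsigned vertexCount)
{
    std::optional<unsigned> maxIndex = computeMaxIndex(p, count);
    if (!maxIndex)
        return false; // fail closed: no known maximum means no draw
    // Compare directly. "maxIndex + 1 <= vertexCount" would wrap to 0
    // for an index of 0xFFFFFFFF and accept it.
    return *maxIndex < vertexCount;
}

int main()
{
    // Constructed sample index buffers.
    const uint32_t inBounds[] = { 0, 2, 1 };
    const uint32_t wraps[] = { 0, 0xFFFFFFFFu };
    std::printf("in bounds: %d\n", validateIndices(inBounds, 3, 3));
    std::printf("0xFFFFFFFF index: %d\n", validateIndices(wraps, 2, 3));
    return 0;
}
```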