From 0714fbff8ff0192f501a45ea1695787c0ec24dee Mon Sep 17 00:00:00 2001 From: Dylan Baker Date: Mon, 14 Oct 2024 11:07:09 -0700 Subject: [PATCH] anv: assert that we don't read off the end color_att array Coverity notices that we've insured that index index is < MAX_RTS in one case, but that it must be greater in one case. Since `color_att_count` is a uint32_t, it can easily exceed MAX_RTS (8), and would thus create an out-of-bounds read situation. While the type system would allow this, the actually implementation shouldn't, so an assert should make Coverity happy and help us check our assumption. CID: 1620440 Fixes: d2f7b6d5a76 ("anv: implement VK_KHR_dynamic_rendering_local_read") Reviewed-by: Lionel Landwerlin Part-of: --- src/intel/vulkan/genX_cmd_buffer.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/intel/vulkan/genX_cmd_buffer.c b/src/intel/vulkan/genX_cmd_buffer.c index 4529744fa5c..8d49ad48d28 100644 --- a/src/intel/vulkan/genX_cmd_buffer.c +++ b/src/intel/vulkan/genX_cmd_buffer.c @@ -2091,6 +2091,7 @@ emit_binding_table(struct anv_cmd_buffer *cmd_buffer, cmd_buffer->state.gfx.color_output_mapping[binding->index] : binding->index; if (index < cmd_buffer->state.gfx.color_att_count) { + assert(index < MAX_RTS); const struct anv_attachment *att = &cmd_buffer->state.gfx.color_att[index]; surface_state = att->surface_state.state;