DescriptionPassthrough CmdDecoder: Use robust CompressedTex(Sub)Image
A compromised renderer would have been able to crash ANGLE by sending a
0 shmem ID and non 0 shmem offset for CompressedTex(Sub)Image commands,
with no unpack buffer bound. Use the newly added RobustANGLE entry
points that check enough data is passed.
BUG=chromium:602688
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
Review-Url: https://codereview.chromium.org/2826143003
Cr-Commit-Position: refs/heads/master@{#466042}
Committed: https://chromium.googlesource.com/chromium/src/+/7cc769d230580677418d35623a89fc6ae60c7167
Patch Set 1 #
Total comments: 2
Patch Set 2 : Manually add glCompressedTexSubImage3DRobustANGLE to gl_mack.h because it has more than the 10 args… #
Messages
Total messages: 19 (9 generated)
|