diff options
| author | Anthony Ramine <n.oxyde@gmail.com> | 2018-09-20 12:55:47 +0200 |
|---|---|---|
| committer | Anthony Ramine <n.oxyde@gmail.com> | 2018-09-20 15:00:47 +0200 |
| commit | 60c93cfabe20acb08444c8e73a7c7e9e46f194ea (patch) | |
| tree | 07cf81a4acd3681cfe0092fab92b2c651163023f /components/script/dom/webglprogram.rs | |
| parent | d60b14bed5085598a25f016c96c4789a5b01f6e1 (diff) | |
| download | servo-60c93cfabe20acb08444c8e73a7c7e9e46f194ea.tar.gz servo-60c93cfabe20acb08444c8e73a7c7e9e46f194ea.zip | |
Validate GLSL names (fixes #21287)
Diffstat (limited to 'components/script/dom/webglprogram.rs')
| -rw-r--r-- | components/script/dom/webglprogram.rs | 89 |
1 files changed, 67 insertions, 22 deletions
diff --git a/components/script/dom/webglprogram.rs b/components/script/dom/webglprogram.rs index 3c2a17ca4fb..5f857188481 100644 --- a/components/script/dom/webglprogram.rs +++ b/components/script/dom/webglprogram.rs @@ -14,7 +14,7 @@ use dom::bindings::root::{DomRoot, MutNullableDom}; use dom::bindings::str::DOMString; use dom::webglactiveinfo::WebGLActiveInfo; use dom::webglobject::WebGLObject; -use dom::webglrenderingcontext::{MAX_UNIFORM_AND_ATTRIBUTE_LEN, WebGLRenderingContext}; +use dom::webglrenderingcontext::WebGLRenderingContext; use dom::webglshader::WebGLShader; use dom::webgluniformlocation::WebGLUniformLocation; use dom_struct::dom_struct; @@ -268,12 +268,11 @@ impl WebGLProgram { if self.is_deleted() { return Err(WebGLError::InvalidOperation); } - if name.len() > MAX_UNIFORM_AND_ATTRIBUTE_LEN { - return Err(WebGLError::InvalidValue); - } - // Check if the name is reserved - if name.starts_with("gl_") || name.starts_with("webgl") || name.starts_with("_webgl_") { + if !validate_glsl_name(&name)? { + return Ok(()); + } + if name.starts_with("gl_") { return Err(WebGLError::InvalidOperation); } @@ -325,17 +324,11 @@ impl WebGLProgram { if !self.is_linked() || self.is_deleted() { return Err(WebGLError::InvalidOperation); } - if name.len() > MAX_UNIFORM_AND_ATTRIBUTE_LEN { - return Err(WebGLError::InvalidValue); - } - // Check if the name is reserved - if name.starts_with("gl_") { + if !validate_glsl_name(&name)? { return Ok(-1); } - - // https://www.khronos.org/registry/webgl/specs/latest/1.0/#GLSL_CONSTRUCTS - if name.starts_with("webgl_") || name.starts_with("_webgl_") { + if name.starts_with("gl_") { return Ok(-1); } @@ -356,17 +349,11 @@ impl WebGLProgram { if !self.is_linked() || self.is_deleted() { return Err(WebGLError::InvalidOperation); } - if name.len() > MAX_UNIFORM_AND_ATTRIBUTE_LEN { - return Err(WebGLError::InvalidValue); - } - // Check if the name is reserved - if name.starts_with("gl_") { + if !validate_glsl_name(&name)? { return Ok(None); } - - // https://www.khronos.org/registry/webgl/specs/latest/1.0/#GLSL_CONSTRUCTS - if name.starts_with("webgl_") || name.starts_with("_webgl_") { + if name.starts_with("gl_") { return Ok(None); } @@ -459,6 +446,62 @@ impl Drop for WebGLProgram { } } +fn validate_glsl_name(name: &str) -> WebGLResult<bool> { + if name.is_empty() { + return Ok(false); + } + if name.len() > MAX_UNIFORM_AND_ATTRIBUTE_LEN { + return Err(WebGLError::InvalidValue); + } + for c in name.chars() { + validate_glsl_char(c)?; + } + if name.starts_with("webgl_") || name.starts_with("_webgl_") { + return Err(WebGLError::InvalidOperation); + } + Ok(true) +} + +fn validate_glsl_char(c: char) -> WebGLResult<()> { + match c { + 'a'..='z' | + 'A'..='Z' | + '0'..='9' | + ' ' | + '\t' | + '\u{11}' | + '\u{12}' | + '\r' | + '\n' | + '_' | + '.' | + '+' | + '-' | + '/' | + '*' | + '%' | + '<' | + '>' | + '[' | + ']' | + '(' | + ')' | + '{' | + '}' | + '^' | + '|' | + '&' | + '~' | + '=' | + '!' | + ':' | + ';' | + ',' | + '?' => Ok(()), + _ => Err(WebGLError::InvalidValue), + } +} + fn parse_uniform_name(name: &str) -> Option<(&str, Option<i32>)> { if !name.ends_with(']') { return Some((name, None)); @@ -469,3 +512,5 @@ fn parse_uniform_name(name: &str) -> Option<(&str, Option<i32>)> { .ok()?; Some((&name[..bracket_pos], Some(index))) } + +pub const MAX_UNIFORM_AND_ATTRIBUTE_LEN: usize = 256; |