From 7240c18554fa2f3925e7d03debaab48fc8500a19 Mon Sep 17 00:00:00 2001 From: Samson <16504129+sagudev@users.noreply.github.com> Date: Mon, 17 Feb 2025 20:38:00 +0100 Subject: [PATCH] fix(naga): Forbid negative indexing in `const` expressions (#7155) Signed-off-by: sagudev <16504129+sagudev@users.noreply.github.com> --- naga/src/valid/expression.rs | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/naga/src/valid/expression.rs b/naga/src/valid/expression.rs index 9ef3a9edfb..b0c54a3df4 100644 --- a/naga/src/valid/expression.rs +++ b/naga/src/valid/expression.rs @@ -280,25 +280,26 @@ impl super::Validator { } } - // If we know both the length and the index, we can do the - // bounds check now. - if let crate::proc::IndexableLength::Known(known_length) = - base_type.indexable_length(module)? + // If index is const we can do check for non-negative index + match module + .to_ctx() + .eval_expr_to_u32_from(index, &function.expressions) { - match module - .to_ctx() - .eval_expr_to_u32_from(index, &function.expressions) - { - Ok(value) => { + Ok(value) => { + // If we know both the length and the index, we can do the + // bounds check now. + if let crate::proc::IndexableLength::Known(known_length) = + base_type.indexable_length(module)? + { if value >= known_length { return Err(ExpressionError::IndexOutOfBounds(base, value)); } } - Err(crate::proc::U32EvalError::Negative) => { - return Err(ExpressionError::NegativeIndex(base)) - } - Err(crate::proc::U32EvalError::NonConst) => {} } + Err(crate::proc::U32EvalError::Negative) => { + return Err(ExpressionError::NegativeIndex(base)) + } + Err(crate::proc::U32EvalError::NonConst) => {} } ShaderStages::all()