Title: [264713] trunk/Source/WebCore
Revision
264713
Author
commit-qu...@webkit.org
Date
2020-07-22 11:25:43 -0700 (Wed, 22 Jul 2020)

Log Message

Fix validation of deleted WebGL objects
https://bugs.webkit.org/show_bug.cgi?id=214622

Patch by James Darpinian <jdarpin...@chromium.org> on 2020-07-22
Reviewed by Dean Jackson.

Programs and shaders need to be validated differently than other WebGL objects.
Using a deleted WebGL object should cause an INVALID_OPERATION error, except
for programs and shaders which should be INVALID_VALUE.

* html/canvas/WebGL2RenderingContext.cpp:
(WebCore::WebGL2RenderingContext::getFragDataLocation):
(WebCore::WebGL2RenderingContext::transformFeedbackVaryings):
(WebCore::WebGL2RenderingContext::getTransformFeedbackVarying):
(WebCore::WebGL2RenderingContext::getUniformIndices):
(WebCore::WebGL2RenderingContext::getActiveUniforms):
(WebCore::WebGL2RenderingContext::getUniformBlockIndex):
(WebCore::WebGL2RenderingContext::getActiveUniformBlockParameter):
(WebCore::WebGL2RenderingContext::getActiveUniformBlockName):
(WebCore::WebGL2RenderingContext::uniformBlockBinding):
* html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::WebGLRenderingContextBase::attachShader):
(WebCore::WebGLRenderingContextBase::bindAttribLocation):
(WebCore::WebGLRenderingContextBase::compileShader):
(WebCore::WebGLRenderingContextBase::detachShader):
(WebCore::WebGLRenderingContextBase::validateWebGLObject):
(WebCore::WebGLRenderingContextBase::validateWebGLProgramOrShader):
(WebCore::WebGLRenderingContextBase::getActiveAttrib):
(WebCore::WebGLRenderingContextBase::getActiveUniform):
(WebCore::WebGLRenderingContextBase::getAttachedShaders):
(WebCore::WebGLRenderingContextBase::getAttribLocation):
(WebCore::WebGLRenderingContextBase::getProgramParameter):
(WebCore::WebGLRenderingContextBase::getProgramInfoLog):
(WebCore::WebGLRenderingContextBase::getShaderParameter):
(WebCore::WebGLRenderingContextBase::getShaderInfoLog):
(WebCore::WebGLRenderingContextBase::getShaderSource):
(WebCore::WebGLRenderingContextBase::getUniform):
(WebCore::WebGLRenderingContextBase::getUniformLocation):
(WebCore::WebGLRenderingContextBase::linkProgramWithoutInvalidatingAttribLocations):
(WebCore::WebGLRenderingContextBase::shaderSource):
(WebCore::WebGLRenderingContextBase::validateProgram):
* html/canvas/WebGLRenderingContextBase.h:

Modified Paths

Diff

Modified: trunk/Source/WebCore/ChangeLog (264712 => 264713)


--- trunk/Source/WebCore/ChangeLog	2020-07-22 18:23:46 UTC (rev 264712)
+++ trunk/Source/WebCore/ChangeLog	2020-07-22 18:25:43 UTC (rev 264713)
@@ -1,3 +1,47 @@
+2020-07-22  James Darpinian  <jdarpin...@chromium.org>
+
+        Fix validation of deleted WebGL objects
+        https://bugs.webkit.org/show_bug.cgi?id=214622
+
+        Reviewed by Dean Jackson.
+
+        Programs and shaders need to be validated differently than other WebGL objects.
+        Using a deleted WebGL object should cause an INVALID_OPERATION error, except
+        for programs and shaders which should be INVALID_VALUE.
+
+        * html/canvas/WebGL2RenderingContext.cpp:
+        (WebCore::WebGL2RenderingContext::getFragDataLocation):
+        (WebCore::WebGL2RenderingContext::transformFeedbackVaryings):
+        (WebCore::WebGL2RenderingContext::getTransformFeedbackVarying):
+        (WebCore::WebGL2RenderingContext::getUniformIndices):
+        (WebCore::WebGL2RenderingContext::getActiveUniforms):
+        (WebCore::WebGL2RenderingContext::getUniformBlockIndex):
+        (WebCore::WebGL2RenderingContext::getActiveUniformBlockParameter):
+        (WebCore::WebGL2RenderingContext::getActiveUniformBlockName):
+        (WebCore::WebGL2RenderingContext::uniformBlockBinding):
+        * html/canvas/WebGLRenderingContextBase.cpp:
+        (WebCore::WebGLRenderingContextBase::attachShader):
+        (WebCore::WebGLRenderingContextBase::bindAttribLocation):
+        (WebCore::WebGLRenderingContextBase::compileShader):
+        (WebCore::WebGLRenderingContextBase::detachShader):
+        (WebCore::WebGLRenderingContextBase::validateWebGLObject):
+        (WebCore::WebGLRenderingContextBase::validateWebGLProgramOrShader):
+        (WebCore::WebGLRenderingContextBase::getActiveAttrib):
+        (WebCore::WebGLRenderingContextBase::getActiveUniform):
+        (WebCore::WebGLRenderingContextBase::getAttachedShaders):
+        (WebCore::WebGLRenderingContextBase::getAttribLocation):
+        (WebCore::WebGLRenderingContextBase::getProgramParameter):
+        (WebCore::WebGLRenderingContextBase::getProgramInfoLog):
+        (WebCore::WebGLRenderingContextBase::getShaderParameter):
+        (WebCore::WebGLRenderingContextBase::getShaderInfoLog):
+        (WebCore::WebGLRenderingContextBase::getShaderSource):
+        (WebCore::WebGLRenderingContextBase::getUniform):
+        (WebCore::WebGLRenderingContextBase::getUniformLocation):
+        (WebCore::WebGLRenderingContextBase::linkProgramWithoutInvalidatingAttribLocations):
+        (WebCore::WebGLRenderingContextBase::shaderSource):
+        (WebCore::WebGLRenderingContextBase::validateProgram):
+        * html/canvas/WebGLRenderingContextBase.h:
+
 2020-07-22  Jon Davis  <j...@apple.com>
 
         Update feature status to include the inert attribute

Modified: trunk/Source/WebCore/html/canvas/WebGL2RenderingContext.cpp (264712 => 264713)


--- trunk/Source/WebCore/html/canvas/WebGL2RenderingContext.cpp	2020-07-22 18:23:46 UTC (rev 264712)
+++ trunk/Source/WebCore/html/canvas/WebGL2RenderingContext.cpp	2020-07-22 18:25:43 UTC (rev 264713)
@@ -1499,7 +1499,7 @@
 
 GCGLint WebGL2RenderingContext::getFragDataLocation(WebGLProgram& program, const String& name)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getFragDataLocation", &program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getFragDataLocation", &program))
         return -1;
     return m_context->getFragDataLocation(program.object(), name);
 }
@@ -2260,7 +2260,7 @@
 
 void WebGL2RenderingContext::transformFeedbackVaryings(WebGLProgram& program, const Vector<String>& varyings, GCGLenum bufferMode)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("transformFeedbackVaryings", &program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("transformFeedbackVaryings", &program))
         return;
     
     switch (bufferMode) {
@@ -2283,7 +2283,7 @@
 
 RefPtr<WebGLActiveInfo> WebGL2RenderingContext::getTransformFeedbackVarying(WebGLProgram& program, GCGLuint index)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getTransformFeedbackVarying", &program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getTransformFeedbackVarying", &program))
         return nullptr;
 
     GraphicsContextGL::ActiveInfo info;
@@ -2433,7 +2433,7 @@
 Optional<Vector<GCGLuint>> WebGL2RenderingContext::getUniformIndices(WebGLProgram& program, const Vector<String>& names)
 {
 #if USE(ANGLE)
-    if (isContextLostOrPending() || !validateWebGLObject("getUniformIndices", &program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getUniformIndices", &program))
         return WTF::nullopt;
     return m_context->getUniformIndices(program.object(), names);
 #else
@@ -2444,7 +2444,7 @@
 
 WebGLAny WebGL2RenderingContext::getActiveUniforms(WebGLProgram& program, const Vector<GCGLuint>& uniformIndices, GCGLenum pname)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getActiveUniforms", &program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getActiveUniforms", &program))
         return nullptr;
 
     Vector<GCGLint> result(uniformIndices.size(), 0);
@@ -2474,7 +2474,7 @@
 GCGLuint WebGL2RenderingContext::getUniformBlockIndex(WebGLProgram& program, const String& uniformBlockName)
 {
 #if USE(ANGLE)
-    if (isContextLostOrPending() || !validateWebGLObject("getUniformBlockIndex", &program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getUniformBlockIndex", &program))
         return 0;
     return m_context->getUniformBlockIndex(program.object(), uniformBlockName);
 #else
@@ -2488,7 +2488,7 @@
 WebGLAny WebGL2RenderingContext::getActiveUniformBlockParameter(WebGLProgram& program, GCGLuint uniformBlockIndex, GCGLenum pname)
 {
 #if USE(ANGLE)
-    if (isContextLostOrPending() || !validateWebGLObject("getActiveUniformBlockParameter", &program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getActiveUniformBlockParameter", &program))
         return nullptr;
     GLint result = 0;
     switch (pname) {
@@ -2524,7 +2524,7 @@
 WebGLAny WebGL2RenderingContext::getActiveUniformBlockName(WebGLProgram& program, GCGLuint index)
 {
 #if USE(ANGLE)
-    if (isContextLostOrPending() || !validateWebGLObject("getActiveUniformBlockName", &program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getActiveUniformBlockName", &program))
         return String();
     if (!program.getLinkStatus()) {
         synthesizeGLError(GraphicsContextGL::INVALID_OPERATION, "getActiveUniformBlockName", "program not linked");
@@ -2545,7 +2545,7 @@
 void WebGL2RenderingContext::uniformBlockBinding(WebGLProgram& program, GCGLuint uniformBlockIndex, GCGLuint uniformBlockBinding)
 {
 #if USE(ANGLE)
-    if (isContextLostOrPending() || !validateWebGLObject("uniformBlockBinding", &program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("uniformBlockBinding", &program))
         return;
     m_context->uniformBlockBinding(program.object(), uniformBlockIndex, uniformBlockBinding);
 #else

Modified: trunk/Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp (264712 => 264713)


--- trunk/Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp	2020-07-22 18:23:46 UTC (rev 264712)
+++ trunk/Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp	2020-07-22 18:25:43 UTC (rev 264713)
@@ -1306,7 +1306,7 @@
 
 void WebGLRenderingContextBase::attachShader(WebGLProgram* program, WebGLShader* shader)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("attachShader", program) || !validateWebGLObject("attachShader", shader))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("attachShader", program) || !validateWebGLProgramOrShader("attachShader", shader))
         return;
     if (!program->attachShader(shader)) {
         synthesizeGLError(GraphicsContextGL::INVALID_OPERATION, "attachShader", "shader attachment already has shader");
@@ -1318,7 +1318,7 @@
 
 void WebGLRenderingContextBase::bindAttribLocation(WebGLProgram* program, GCGLuint index, const String& name)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("bindAttribLocation", program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("bindAttribLocation", program))
         return;
     if (!validateLocationLength("bindAttribLocation", name))
         return;
@@ -1693,7 +1693,7 @@
 
 void WebGLRenderingContextBase::compileShader(WebGLShader* shader)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("compileShader", shader))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("compileShader", shader))
         return;
     m_context->compileShader(objectOrZero(shader));
     GCGLint value;
@@ -2091,7 +2091,7 @@
 
 void WebGLRenderingContextBase::detachShader(WebGLProgram* program, WebGLShader* shader)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("detachShader", program) || !validateWebGLObject("detachShader", shader))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("detachShader", program) || !validateWebGLProgramOrShader("detachShader", shader))
         return;
     if (!program->detachShader(shader)) {
         synthesizeGLError(GraphicsContextGL::INVALID_OPERATION, "detachShader", "shader not attached");
@@ -2304,10 +2304,14 @@
 
 bool WebGLRenderingContextBase::validateWebGLObject(const char* functionName, WebGLObject* object)
 {
-    if (!object || !object->object()) {
-        synthesizeGLError(GraphicsContextGL::INVALID_VALUE, functionName, "no object or object deleted");
+    if (!object) {
+        synthesizeGLError(GraphicsContextGL::INVALID_VALUE, functionName, "object is null");
         return false;
     }
+    if (!object->object()) {
+        synthesizeGLError(GraphicsContextGL::INVALID_OPERATION, functionName, "attempt to use a deleted object");
+        return false;
+    }
     if (!object->validate(contextGroup(), *this)) {
         synthesizeGLError(GraphicsContextGL::INVALID_OPERATION, functionName, "object does not belong to this context");
         return false;
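Review bot: After this hunk a deleted object passed to `validateWebGLObject` reports INVALID_OPERATION instead of INVALID_VALUE, so any program or shader entry point still calling it and not converted in this commit would change its error code without notice. The function carries no comment telling callers which validator to pick. I would add one above the definition, for example `// Not for programs or shaders: use validateWebGLProgramOrShader, which reports INVALID_VALUE for a deleted object.` It is also worth grepping the remaining `validateWebGLObject` callers for `WebGLProgram*` or `WebGLShader*` arguments; none are visible in this diff, but the call sites outside the hunks cannot be checked from here. The function body continues into the next hunk.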
@@ -2315,6 +2319,25 @@
     return true;
 }
 
+bool WebGLRenderingContextBase::validateWebGLProgramOrShader(const char* functionName, WebGLObject* object)
+{
+    if (!object) {
+        synthesizeGLError(GraphicsContextGL::INVALID_VALUE, functionName, "program or shader is null");
+        return false;
+    }
+    // Using a deleted program or shader is INVALID_VALUE instead of INVALID_OPERATION as for
+    // other WebGL objects.
+    if (!object->object()) {
+        synthesizeGLError(GraphicsContextGL::INVALID_VALUE, functionName, "attempt to use a deleted program or shader");
+        return false;
+    }
+    if (!object->validate(contextGroup(), *this)) {
+        synthesizeGLError(GraphicsContextGL::INVALID_OPERATION, functionName, "object does not belong to this context");
+        return false;
+    }
+    return true;
+}
+
 #if !USE(ANGLE)
 bool WebGLRenderingContextBase::validateDrawArrays(const char* functionName, GCGLenum mode, GCGLint first, GCGLsizei count, GCGLsizei primitiveCount)
 {
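Review bot: `validateWebGLProgramOrShader` takes a plain `WebGLObject*`, so the compiler will accept a buffer, texture or any other WebGL object and report the program/shader error code for it. Declaring it for the two intended types only, `bool validateWebGLProgramOrShader(const char*, WebGLProgram*);` and `bool validateWebGLProgramOrShader(const char*, WebGLShader*);`, would make picking the wrong validator a compile error. The null check and the context-group check are copied verbatim from `validateWebGLObject`. A shared private helper that takes the error enum for the deleted case would stop the two validators drifting apart when one is changed later. The trailing context lines open `validateDrawArrays`, whose body lies outside the hunk.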
@@ -2727,7 +2750,7 @@
 
 RefPtr<WebGLActiveInfo> WebGLRenderingContextBase::getActiveAttrib(WebGLProgram* program, GCGLuint index)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getActiveAttrib", program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getActiveAttrib", program))
         return nullptr;
     GraphicsContextGL::ActiveInfo info;
     if (!m_context->getActiveAttrib(objectOrZero(program), index, info))
@@ -2740,7 +2763,7 @@
 
 RefPtr<WebGLActiveInfo> WebGLRenderingContextBase::getActiveUniform(WebGLProgram* program, GCGLuint index)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getActiveUniform", program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getActiveUniform", program))
         return nullptr;
     GraphicsContextGL::ActiveInfo info;
     if (!m_context->getActiveUniform(objectOrZero(program), index, info))
@@ -2757,7 +2780,7 @@
 
 Optional<Vector<RefPtr<WebGLShader>>> WebGLRenderingContextBase::getAttachedShaders(WebGLProgram* program)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getAttachedShaders", program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getAttachedShaders", program))
         return WTF::nullopt;
 
     const GCGLenum shaderTypes[] = {
@@ -2775,7 +2798,7 @@
 
 GCGLint WebGLRenderingContextBase::getAttribLocation(WebGLProgram* program, const String& name)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getAttribLocation", program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getAttribLocation", program))
         return -1;
     if (!validateLocationLength("getAttribLocation", name))
         return -1;
@@ -3119,7 +3142,7 @@
 
 WebGLAny WebGLRenderingContextBase::getProgramParameter(WebGLProgram* program, GCGLenum pname)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getProgramParameter", program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getProgramParameter", program))
         return nullptr;
 
     GCGLint value = 0;
@@ -3163,7 +3186,7 @@
 
 String WebGLRenderingContextBase::getProgramInfoLog(WebGLProgram* program)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getProgramInfoLog", program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getProgramInfoLog", program))
         return String();
     return ensureNotNull(m_context->getProgramInfoLog(objectOrZero(program)));
 }
@@ -3235,7 +3258,7 @@
 
 WebGLAny WebGLRenderingContextBase::getShaderParameter(WebGLShader* shader, GCGLenum pname)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getShaderParameter", shader))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getShaderParameter", shader))
         return nullptr;
     GCGLint value = 0;
     switch (pname) {
@@ -3255,7 +3278,7 @@
 
 String WebGLRenderingContextBase::getShaderInfoLog(WebGLShader* shader)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getShaderInfoLog", shader))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getShaderInfoLog", shader))
         return String();
     return ensureNotNull(m_context->getShaderInfoLog(objectOrZero(shader)));
 }
@@ -3293,7 +3316,7 @@
 
 String WebGLRenderingContextBase::getShaderSource(WebGLShader* shader)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getShaderSource", shader))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getShaderSource", shader))
         return String();
     return ensureNotNull(shader->getSource());
 }
@@ -3329,7 +3352,7 @@
 
 WebGLAny WebGLRenderingContextBase::getUniform(WebGLProgram* program, const WebGLUniformLocation* uniformLocation)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getUniform", program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getUniform", program))
         return nullptr;
     if (!uniformLocation || uniformLocation->program() != program) {
         synthesizeGLError(GraphicsContextGL::INVALID_OPERATION, "getUniform", "no uniformlocation or not valid for this program");
@@ -3527,7 +3550,7 @@
 
 RefPtr<WebGLUniformLocation> WebGLRenderingContextBase::getUniformLocation(WebGLProgram* program, const String& name)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("getUniformLocation", program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("getUniformLocation", program))
         return nullptr;
     if (!validateLocationLength("getUniformLocation", name))
         return nullptr;
@@ -3777,7 +3800,7 @@
 
 bool WebGLRenderingContextBase::linkProgramWithoutInvalidatingAttribLocations(WebGLProgram* program)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("linkProgram", program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("linkProgram", program))
         return false;
 
     RefPtr<WebGLShader> vertexShader = program->getAttachedShader(GraphicsContextGL::VERTEX_SHADER);
@@ -4274,7 +4297,7 @@
 
 void WebGLRenderingContextBase::shaderSource(WebGLShader* shader, const String& string)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("shaderSource", shader))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("shaderSource", shader))
         return;
 #if USE(ANGLE)
     m_context->shaderSource(objectOrZero(shader), string);
@@ -5787,7 +5810,7 @@
 
 void WebGLRenderingContextBase::validateProgram(WebGLProgram* program)
 {
-    if (isContextLostOrPending() || !validateWebGLObject("validateProgram", program))
+    if (isContextLostOrPending() || !validateWebGLProgramOrShader("validateProgram", program))
         return;
     m_context->validateProgram(objectOrZero(program));
 }

Modified: trunk/Source/WebCore/html/canvas/WebGLRenderingContextBase.h (264712 => 264713)


--- trunk/Source/WebCore/html/canvas/WebGLRenderingContextBase.h	2020-07-22 18:23:46 UTC (rev 264712)
+++ trunk/Source/WebCore/html/canvas/WebGLRenderingContextBase.h	2020-07-22 18:25:43 UTC (rev 264713)
@@ -461,6 +461,7 @@
     bool validateVertexAttributes(unsigned elementCount, unsigned primitiveCount = 0);
 
     bool validateWebGLObject(const char*, WebGLObject*);
+    bool validateWebGLProgramOrShader(const char*, WebGLObject*);
 
 #if !USE(ANGLE)
     bool validateDrawArrays(const char* functionName, GCGLenum mode, GCGLint first, GCGLsizei count, GCGLsizei primcount);
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
