Use-after-free in C3D_BindProgram #65

Open
neobrain opened this issue Dec 17, 2023 · 1 comment

@neobrain

Freeing a shaderProgram_s that was previously bound using C3D_BindProgram will cause the next call to C3D_BindProgram to crash, even if the original program was never used after freeing it.

The problem is that C3D_Context carries around a reference to the old program for tracking dirty state; however, that reference becomes invalid when that program is freed.

What makes this problem even worse is that you can't unbind a program, e.g. by calling C3D_BindProgram(nullptr), since there's no null check in that function.

@neobrain

neobrain commented Jan 3, 2024

For reference, here's a (probably) usable workaround in case anyone else comes across this issue:

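// Binds a static placeholder program so that C3D_Context no longer
// references a program that is about to be freed.
void UnbindC3DProgram() {
    static DVLE_s dummy_dvle {};
    static shaderInstance_s dummy_shader = {
        .dvle = &dummy_dvle
    };
    static shaderProgram_s dummy_program = {
        .vertexShader = &dummy_shader
    };
    C3D_BindProgram(&dummy_program);
}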

(This is clearly not ideal since C3D_BindProgram wasn't written to be called on placeholder programs.)
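
The following is an added example, not part of the issue thread and not citro3d's code: a minimal C model of the pattern described in the first post (a context caching a non-owning program pointer for dirty tracking), written so that binding accepts NULL and the cached pointer is dropped before the program is freed. All names (`program_t`, `context_t`, `ctx_bind_program`, `program_destroy`, `uniform_count`) are hypothetical stand-ins.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical stand-ins for illustration; not citro3d's types or functions. */
typedef struct { int uniform_count; } program_t;
typedef struct {
    const program_t *bound; /* non-owning pointer cached for dirty tracking */
    bool dirty;
} context_t;

static context_t g_ctx;

/* Bind a program; NULL is accepted and means "nothing bound". */
void ctx_bind_program(const program_t *p) {
    const program_t *old = g_ctx.bound;
    if (p == old) return;
    /* The previous program is only dereferenced when both pointers are live. */
    g_ctx.dirty = (!p || !old) || p->uniform_count != old->uniform_count;
    g_ctx.bound = p;
}

program_t *program_create(int uniform_count) {
    program_t *p = malloc(sizeof *p);
    if (p) p->uniform_count = uniform_count;
    return p;
}

/* Drop the context's cached pointer before the memory is released. */
void program_destroy(program_t *p) {
    if (!p) return;
    if (g_ctx.bound == p) ctx_bind_program(NULL);
    free(p);
}

/* Sequence from the issue: bind A, free A, bind B.
   Returns 1 on success, -1 on allocation failure. */
int scenario_bind_free_bind(void) {
    program_t *a = program_create(4), *b = program_create(8);
    if (!a || !b) { free(a); free(b); return -1; }
    ctx_bind_program(a);
    program_destroy(a);
    bool cleared = (g_ctx.bound == NULL);
    ctx_bind_program(b); /* old is NULL here, so nothing stale is read */
    bool rebound = (g_ctx.bound == b) && g_ctx.dirty;
    program_destroy(b);
    return cleared && rebound && g_ctx.bound == NULL;
}

int main(void) { printf("bind/free/bind safe: %d\n", scenario_bind_free_bind()); return 0; }
```

Without the check in `program_destroy`, the second `ctx_bind_program` call would read `old->uniform_count` from freed memory, which is the crash the issue reports.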
