From 5ae0b19489e739b1bca2588e7341e1e242595280 Mon Sep 17 00:00:00 2001 From: Jim Blandy Date: Thu, 6 Oct 2022 11:04:31 -0700 Subject: [PATCH] vulkan: Don't use pointer to dropped PhysicalDeviceDriverProperties. Detected by ASAN, but seems impossible to exploit. Since `ash::vk::definitions::PhysicalDeviceDriverProperties` is `Copy`, the statement if let Some(driver) = phd_capabilities.driver { ... } actually makes `driver` a local copy of the struct. The code uses `as_ptr` to create a pointer to the `driver_name` field of this local copy, and then tries to use that pointer outside the `if let`, when the local copy has gone out of scope. This is UB. Taking a reference to the properties struct is correct and more efficient. --- wgpu-hal/src/vulkan/adapter.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wgpu-hal/src/vulkan/adapter.rs b/wgpu-hal/src/vulkan/adapter.rs index 157c3717411..bfb86f914fb 100644 --- a/wgpu-hal/src/vulkan/adapter.rs +++ b/wgpu-hal/src/vulkan/adapter.rs @@ -907,7 +907,7 @@ impl super::Instance { _ => wgt::DeviceType::Other, }, driver: unsafe { - let driver_name = if let Some(driver) = phd_capabilities.driver { + let driver_name = if let Some(ref driver) = phd_capabilities.driver { CStr::from_ptr(driver.driver_name.as_ptr()).to_str().ok() } else { None @@ -916,7 +916,7 @@ impl super::Instance { driver_name.unwrap_or("?").to_owned() }, driver_info: unsafe { - let driver_info = if let Some(driver) = phd_capabilities.driver { + let driver_info = if let Some(ref driver) = phd_capabilities.driver { CStr::from_ptr(driver.driver_info.as_ptr()).to_str().ok() } else { None