Skip to content

VDR: Fix use after free crash#2733

Open
panos-lunarg wants to merge 4 commits intoLunarG:devfrom
panos-lunarg:VDR_fix_use_after_free_crash
Open

VDR: Fix use after free crash#2733
panos-lunarg wants to merge 4 commits intoLunarG:devfrom
panos-lunarg:VDR_fix_use_after_free_crash

Conversation

@panos-lunarg
Copy link
Contributor

@panos-lunarg panos-lunarg commented Feb 27, 2026

Reserving space in the build_infos vector should fix a crash of referencing a dangling pointer when the infoCount was larger than 1.

@panos-lunarg panos-lunarg requested a review from a team as a code owner February 27, 2026 07:57
@panos-lunarg panos-lunarg force-pushed the VDR_fix_use_after_free_crash branch from a58e9a0 to 8b53115 Compare February 27, 2026 08:01
@panos-lunarg panos-lunarg added approved-to-run-ci Can run CI check on internal LunarG machines and removed approved-to-run-ci Can run CI check on internal LunarG machines labels Feb 27, 2026
@panos-lunarg panos-lunarg force-pushed the VDR_fix_use_after_free_crash branch 5 times, most recently from 4f14e40 to c6d8064 Compare March 5, 2026 17:18
@bradgrantham-lunarg
Copy link
Contributor

bradgrantham-lunarg commented Mar 5, 2026

Does this argue that build_infos should be an unordered_map on int that is checked with at before use?

@panos-lunarg panos-lunarg force-pushed the VDR_fix_use_after_free_crash branch 2 times, most recently from ad23a12 to 90aaf35 Compare March 6, 2026 07:43
@panos-lunarg
VDR: Fix use after free crash
55629d4 
Reserving space in the build_infos vector should fix a crash of
referencing a dangling pointer when the infoCount was larger than 1.
@panos-lunarg
VDR: Remove return
d1161a5 
Remove return causing interruption of loop
@panos-lunarg
VDR: Fix null entry in json output
43502ae
@panos-lunarg panos-lunarg force-pushed the VDR_fix_use_after_free_crash branch from 90aaf35 to 3f12bdb Compare March 6, 2026 12:36
@panos-lunarg
Copy link
Contributor Author

panos-lunarg commented Mar 6, 2026

Does this argue that build_infos should be an unordered_map on int that is checked with at before use?

unordered_map feels like an overkill as build_infos is just an array of things that is constructed once. There's no need to search in it, or add or remove objects after it is populated.
How about moving the call to reserve in the constructor? This should make it more robust

@panos-lunarg panos-lunarg force-pushed the VDR_fix_use_after_free_crash branch from 3f12bdb to 1c5c78f Compare March 7, 2026 12:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

approved-to-run-ci Can run CI check on internal LunarG machines

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@panos-lunarg @bradgrantham-lunarg