KhronosGroup / Vulkan-LoaderAndValidationLayers

**Deprecated repository** for Vulkan loader and validation layers
Apache License 2.0

Loader 1.1.73 - Null pointer dereference in loader_read_json_layer() #2659

Closed NorbertGarnysAMD closed 6 years ago

NorbertGarnysAMD commented 6 years ago

The following code in loader_read_json_layer() (loader.c:2840 and more)

```c
                char *inst_ext_name = cJSON_Print(inst_ext_json);
                size_t len = strlen(inst_ext_name) >= MAX_STRING_SIZE ? MAX_STRING_SIZE - 3 : strlen(inst_ext_name) - 2;
```

can result in reading from 0x0 when cJSON_Print() returns a null pointer, which is possible as it uses dynamic allocation internally. This can be triggered with dEQP-VK.api.object_management.alloc_callback_fail.instance.
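The guarded form of the same length computation, as an added illustration that is not code from the loader repository or from the issue author. It uses a constructed stand-in for cJSON_Print() whose allocation failure is simulated with a flag, assumes MAX_STRING_SIZE is 64, and assumes (as the `- 2` / `- 3` arithmetic suggests) that the quoted JSON string is copied into a fixed buffer with its surrounding quotes stripped; none of those details are stated on the page.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Assumed value; the real loader defines its own MAX_STRING_SIZE. */
#define MAX_STRING_SIZE 64

/* Constructed stand-in for cJSON_Print(): returns a malloc'd copy of the
 * JSON text, or NULL when allocation fails. Failure is simulated with a
 * flag so the NULL path can be exercised deterministically. */
static int fail_next_alloc = 0;

static char *fake_cjson_print(const char *json_text) {
    if (fail_next_alloc) {
        fail_next_alloc = 0;
        return NULL;
    }
    size_t n = strlen(json_text) + 1;
    char *out = malloc(n);
    if (out != NULL) {
        memcpy(out, json_text, n);
    }
    return out;
}

/* Copies the extension name out of a quoted JSON string into dst
 * (dst must hold MAX_STRING_SIZE bytes), using the issue's length rule.
 * Returns 0 on success and -1 when printing failed, instead of calling
 * strlen() on a NULL pointer as the unguarded loader code does. */
int extract_ext_name(const char *json_text, char *dst) {
    char *inst_ext_name = fake_cjson_print(json_text);
    if (inst_ext_name == NULL) {
        /* Allocation failure: report it to the caller rather than deref 0x0. */
        dst[0] = '\0';
        return -1;
    }
    size_t full = strlen(inst_ext_name);
    /* Same arithmetic as the snippet: drop the two quotes, or clamp so the
     * copy plus terminator still fits in the MAX_STRING_SIZE buffer. */
    size_t len = full >= MAX_STRING_SIZE ? MAX_STRING_SIZE - 3 : full - 2;
    /* Assumed: the name is copied from just past the opening quote. */
    strncpy(dst, inst_ext_name + 1, len);
    dst[len] = '\0';
    free(inst_ext_name);
    return 0;
}

int main(void) {
    char name[MAX_STRING_SIZE];
    /* Constructed sample input: a JSON string literal as cJSON would print it. */
    if (extract_ext_name("\"VK_KHR_surface\"", name) == 0) {
        printf("extension: %s\n", name);
    }
    fail_next_alloc = 1;
    if (extract_ext_name("\"VK_KHR_surface\"", name) != 0) {
        printf("print failed, no name extracted\n");
    }
    return 0;
}
```

The caller of the guarded function decides what to do with the -1: in the loader's context the natural reaction is to stop parsing that layer manifest and surface an out-of-memory result, which is what an allocation-failure conformance test such as the one named above expects rather than a crash.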