const char* ShGetInfoLog(const ShHandle);
const char* ShGetObjectCode(const ShHandle);
These functions return null-terminated strings which can be exploited by a
compromised process. Change the interface to be more like OpenGL shader
functions:
enum ShCompilerInfo {
SH_COMPILE_STATUS,
SH_INFO_LOG_LENGTH,
SH_DEBUG_LOG_LENGTH,
SH_OBJECT_CODE_LENGTH,
}
int ShGetCompilerInfo(ShHandle compiler, ShCompilerInfo param);
void ShGetCompilerInfoLog(ShHandle compiler, int maxLength, int* length, char*
infoLog);
void ShGetCompilerDebugLog(ShHandle compiler, int maxLength, int* length, char*
debugLog);
void ShGetCompilerObjectCode(ShHandle compiler, int maxLength, int* length,
char* objectCode);
Original issue reported on code.google.com by alokp@chromium.org on 16 Jun 2010 at 7:09
Original issue reported on code.google.com by
alokp@chromium.org
on 16 Jun 2010 at 7:09