Fix safe CmdBuildAccelerationStructuresIndirect signature and add extra length validation (#365)

* khr/acceleration_structure: Fix fn signature of indirect build cmd max_primitive_counts is an array of arrays, not an array of references to single u32's. * khr/acceleration_structure: Validate array length against geometry_count This is a safe wrapper that already iterates over all the slice references (fat pointers) to collect just the pointers for use in the Vulkan API. It can and should at the same time make sure these slices are of the specified length to prevent accidental out-of-bounds reads.
2021-03-01 10:07:27 +01:00 · 2021-03-01 10:07:27 +01:00 · 00e7bbd8f3
commit 00e7bbd8f3
parent a053c6aecc
1 changed files with 21 additions and 13 deletions
--- a/ash/src/extensions/khr/acceleration_structure.rs
+++ b/ash/src/extensions/khr/acceleration_structure.rs
@ -42,18 +42,14 @@ impl AccelerationStructure {
        allocation_callbacks: Option<&vk::AllocationCallbacks>,
    ) -> VkResult<vk::AccelerationStructureKHR> {
        let mut accel_struct = mem::zeroed();
-        let err_code = self
-            .acceleration_structure_fn
+        self.acceleration_structure_fn
            .create_acceleration_structure_khr(
                self.handle,
                create_info,
                allocation_callbacks.as_raw_ptr(),
                &mut accel_struct,
-            );
-        match err_code {
-            vk::Result::SUCCESS => Ok(accel_struct),
-            _ => Err(err_code),
-        }
+            )
+            .result_with_success(accel_struct)
    }

    #[doc = "<https://www.khronos.org/registry/vulkan/specs/1.2-extensions/man/html/vkDestroyAccelerationStructureKHR.html>"]
@ -81,8 +77,12 @@ impl AccelerationStructure {

        let build_range_infos = build_range_infos
            .iter()
-            .map(|slice| slice.as_ptr())
-            .collect::<Vec<*const _>>();
+            .zip(infos.iter())
+            .map(|(range_info, info)| {
+                assert_eq!(range_info.len(), info.geometry_count as usize);
+                range_info.as_ptr()
+            })
+            .collect::<Vec<_>>();

        self.acceleration_structure_fn
            .cmd_build_acceleration_structures_khr(
@ -100,7 +100,7 @@ impl AccelerationStructure {
        infos: &[vk::AccelerationStructureBuildGeometryInfoKHR],
        indirect_device_addresses: &[vk::DeviceAddress],
        indirect_strides: &[u32],
-        max_primitive_counts: &[&u32],
+        max_primitive_counts: &[&[u32]],
    ) {
        assert_eq!(infos.len(), indirect_device_addresses.len());
        assert_eq!(infos.len(), indirect_strides.len());
@ -108,7 +108,11 @@ impl AccelerationStructure {

        let max_primitive_counts = max_primitive_counts
            .iter()
-            .map(|cnt| *cnt as *const _)
+            .zip(infos.iter())
+            .map(|(cnt, info)| {
+                assert_eq!(cnt.len(), info.geometry_count as usize);
+                cnt.as_ptr()
+            })
            .collect::<Vec<_>>();

        self.acceleration_structure_fn
@ -133,8 +137,12 @@ impl AccelerationStructure {

        let build_range_infos = build_range_infos
            .iter()
-            .map(|slice| slice.as_ptr())
-            .collect::<Vec<*const _>>();
+            .zip(infos.iter())
+            .map(|(range_info, info)| {
+                assert_eq!(range_info.len(), info.geometry_count as usize);
+                range_info.as_ptr()
+            })
+            .collect::<Vec<_>>();

        self.acceleration_structure_fn
            .build_acceleration_structures_khr(