From 7c82f20b52e9f4145f9030b8726d02a9f8a740a1 Mon Sep 17 00:00:00 2001
From: ameerj <52414509+ameerj@users.noreply.github.com>
Date: Fri, 11 Jun 2021 22:16:34 -0400
Subject: [PATCH] glsl: Add immediate index oob checking for Cbuf getters

---
 .../backend/glsl/emit_glsl_context_get_set.cpp   | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/src/shader_recompiler/backend/glsl/emit_glsl_context_get_set.cpp b/src/shader_recompiler/backend/glsl/emit_glsl_context_get_set.cpp
index 5861c4d4ca..8223ad862d 100644
--- a/src/shader_recompiler/backend/glsl/emit_glsl_context_get_set.cpp
+++ b/src/shader_recompiler/backend/glsl/emit_glsl_context_get_set.cpp
@@ -38,6 +38,15 @@ void GetCbuf(EmitContext& ctx, IR::Inst& inst, const IR::Value& binding, const I
              u32 num_bits, std::string_view cast = {}, bool component_indexing_bug = false,
              std::string_view bit_offset = {}) {
     const bool is_immediate{offset.IsImmediate()};
+    if (is_immediate) {
+        const s32 signed_offset{static_cast<s32>(offset.U32())};
+        static constexpr u32 cbuf_size{4096 * 16};
+        if (signed_offset < 0 || offset.U32() > cbuf_size) {
+            // LOG_WARNING(..., "Immediate constant buffer offset is out of bounds");
+            ctx.AddU32("{}=0u;", inst);
+            return;
+        }
+    }
     const auto offset_var{ctx.var_alloc.Consume(offset)};
     const auto index{is_immediate ? fmt::format("{}", offset.U32() / 16)
                                   : fmt::format("{}>>4", offset_var)};
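Review bot: The bound test `offset.U32() > cbuf_size` in the new guard still accepts an offset of exactly 65536, which the unchanged line below turns into index 4096 (`offset.U32() / 16`), one past the last element if the buffer is declared with 4096 vec4 entries (the declaration is not in this diff). Use `if (offset.U32() >= cbuf_size) {`; the `signed_offset < 0` test can then go, because any value with the top bit set already fails the unsigned comparison. The same comparison is repeated in EmitGetCbufU32x2 (`u32_offset > cbuf_size`) and needs the same change. These offsets come from the guest shader being translated, so this guard is what keeps an out-of-range constant index out of the generated GLSL. GetCbuf's body starts and continues outside the hunk.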
@@ -124,7 +133,14 @@ void EmitGetCbufU32x2(EmitContext& ctx, IR::Inst& inst, const IR::Value& binding
                       const IR::Value& offset) {
     const auto cbuf{fmt::format("{}_cbuf{}", ctx.stage_name, binding.U32())};
     if (offset.IsImmediate()) {
+        static constexpr u32 cbuf_size{4096 * 16};
         const u32 u32_offset{offset.U32()};
+        const s32 signed_offset{static_cast<s32>(offset.U32())};
+        if (signed_offset < 0 || u32_offset > cbuf_size) {
+            // LOG_WARNING(..., "Immediate constant buffer offset is out of bounds");
+            ctx.AddU32x2("{}=uvec2(0u);", inst);
+            return;
+        }
         if (u32_offset % 2 == 0) {
             ctx.AddU32x2("{}=ftou({}[{}].{}{});", inst, cbuf, u32_offset / 16,
                          OffsetSwizzle(u32_offset), OffsetSwizzle(u32_offset + 4));
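Review bot: `cbuf_size` is defined here a second time as a function-local constant (GetCbuf has its own copy), and nothing visible ties `4096 * 16` to the length the uniform array is actually declared with. I would hoist it to one file-scope constant, e.g. `constexpr u32 cbuf_size{4096 * 16};`, with a comment such as `// Constant buffer size in bytes; must match the vec4 array length declared for the cbuf uniform blocks`, so both guards cannot drift apart. The `LOG_WARNING` is left commented out, so an out-of-range guest offset is replaced by `uvec2(0u)` with no trace; enabling the log would make a malformed or hostile shader visible during triage. EmitGetCbufU32x2's body continues outside the hunk.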