Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixes DOM-based XSS vulnerability in setStatus function by replacing innerHTML with textContent. Also fix Use after free in cube.c #2

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Fixes DOM-based XSS vulnerability in setStatus function by replacing innerHTML with textContent. Also fix Use after free in cube.c #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8c93754
FIx#1
ArcherTannic Dec 23, 2024
36b6b54
Fix#2
ArcherTannic Dec 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 6 additions & 3 deletions samples/CubeSample/cube/cube.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3126,8 +3126,11 @@ static VkResult demo_create_display_surface(struct demo *demo) {
exit(1);
}

// Save the data from plane_props[plane_index] before freeing memory
VkDisplayPlanePropertiesKHR plane_prop = plane_props[plane_index];
// Free the memory that contains plane_props
free(plane_props);

// Now, use the saved data
VkDisplayPlaneCapabilitiesKHR planeCaps;
vkGetDisplayPlaneCapabilitiesKHR(demo->gpu, mode_props.displayMode, plane_index, &planeCaps);
// Find a supported alpha mode
Expand All @@ -3138,7 +3141,7 @@ static VkResult demo_create_display_surface(struct demo *demo) {
VK_DISPLAY_PLANE_ALPHA_PER_PIXEL_BIT_KHR,
VK_DISPLAY_PLANE_ALPHA_PER_PIXEL_PREMULTIPLIED_BIT_KHR,
};
for (uint32_t i = 0; i < sizeof(alphaModes); i++) {
for (uint32_t i = 0; i < sizeof(alphaModes) / sizeof(alphaModes[0]); i++) {
if (planeCaps.supportedAlpha & alphaModes[i]) {
alphaMode = alphaModes[i];
break;
Expand All @@ -3152,7 +3155,7 @@ static VkResult demo_create_display_surface(struct demo *demo) {
create_info.flags = 0;
create_info.displayMode = mode_props.displayMode;
create_info.planeIndex = plane_index;
create_info.planeStackIndex = plane_props[plane_index].currentStackIndex;
create_info.planeStackIndex = plane_prop.currentStackIndex; // Use the saved value
create_info.transform = VK_SURFACE_TRANSFORM_IDENTITY_BIT_KHR;
create_info.alphaMode = alphaMode;
create_info.globalAlpha = 1.0f;
Expand Down
12 changes: 7 additions & 5 deletions samples/SampleLauncher/src/gfn_sdk_demo/resources/gfn_sdk.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -238,11 +238,13 @@
* Adds a given input message to the console log as well as the log text box.
* @param message Input string to be added to the log
*/
function setStatus(message) {
console.log(message);
var timestamp = new Date();
document.getElementById('status').innerHTML = '[' + timestamp.toLocaleTimeString() + '] ' + message + '\n' + document.getElementById('status').innerHTML;
}
function setStatus(message) {
console.log(message);
var timestamp = new Date();
var statusElement = document.getElementById('status');
var currentText = statusElement.textContent;
statusElement.textContent = '[' + timestamp.toLocaleTimeString() + '] ' + message + '\n' + currentText;
}

/**
* Initializes the NVIDIA GeForce NOW SDK and other startup values. Also checks
Expand Down