From db41a91380e0ce51db9b15ddfb1bbd7403765b86 Mon Sep 17 00:00:00 2001 From: lingzhengyang Date: Thu, 28 Aug 2025 06:09:15 +0000 Subject: [PATCH 1/2] update src/ext/gex_marshalling_helper.cpp. Signed-off-by: lingzhengyang --- src/ext/gex_marshalling_helper.cpp | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/ext/gex_marshalling_helper.cpp b/src/ext/gex_marshalling_helper.cpp index 5198aa3..a6202f1 100644 --- a/src/ext/gex_marshalling_helper.cpp +++ b/src/ext/gex_marshalling_helper.cpp @@ -360,6 +360,10 @@ bool GEXComplexShaderParams::Unmarshalling(Parcel& parcel) return false; } uint32_t paramsSize = intVal; + if (paramsSize > 1000) { + GE_LOGE("GEXComplexShaderParams::Unmarshalling invalid paramsSize!"); + return false; + } for (auto i = 0u; i < paramsSize; i++) { if (!parcel.ReadFloat(floatVal)) { GE_LOGE("GEXComplexShaderParams::Unmarshalling Read float failed!"); -- Gitee From ad85eccb1b00876570d8c2c5748ebc0db4652f71 Mon Sep 17 00:00:00 2001 From: lingzhengyang Date: Thu, 28 Aug 2025 12:22:47 +0000 Subject: [PATCH 2/2] update src/ext/gex_marshalling_helper.cpp. Signed-off-by: lingzhengyang --- src/ext/gex_marshalling_helper.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/ext/gex_marshalling_helper.cpp b/src/ext/gex_marshalling_helper.cpp index a6202f1..da55ad6 100644 --- a/src/ext/gex_marshalling_helper.cpp +++ b/src/ext/gex_marshalling_helper.cpp @@ -23,6 +23,7 @@ namespace OHOS { namespace Rosen { constexpr uint32_t MARSHALLING_SIZE_MAX_LIMIT = 100; // 100 max length +constexpr uint32_t MARSHALLING_SIZE_ONE_THOUSAND = 1000; // 1000 max length bool RotateEffectParams::Marshalling(Parcel& parcel) { @@ -360,7 +361,7 @@ bool GEXComplexShaderParams::Unmarshalling(Parcel& parcel) return false; } uint32_t paramsSize = intVal; - if (paramsSize > 1000) { + if (paramsSize > MARSHALLING_SIZE_ONE_THOUSAND) { GE_LOGE("GEXComplexShaderParams::Unmarshalling invalid paramsSize!"); return false; } -- Gitee