From 0e1c20342ee2f2225b6635ebe5b7c13ebc2c1e0f Mon Sep 17 00:00:00 2001
From: baldurk <baldurk@baldurk.org>
Date: Thu, 19 Sep 2019 11:47:11 +0100
Subject: [PATCH] Try to handle invalid callstack sizes in serialisation
 without crashing

---
 renderdoc/serialise/serialiser.cpp | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/renderdoc/serialise/serialiser.cpp b/renderdoc/serialise/serialiser.cpp
index c030e1398..baae33d88 100644
--- a/renderdoc/serialise/serialiser.cpp
+++ b/renderdoc/serialise/serialiser.cpp
@@ -85,10 +85,20 @@ uint32_t Serialiser<SerialiserMode::Reading>::BeginChunk(uint32_t, uint64_t)
       uint32_t numFrames = 0;
       m_Read->Read(numFrames);
 
-      m_ChunkMetadata.flags |= SDChunkFlags::HasCallstack;
+      // try to sanity check the number of frames
+      if(numFrames < 4096)
+      {
+        m_ChunkMetadata.flags |= SDChunkFlags::HasCallstack;
 
-      m_ChunkMetadata.callstack.resize((size_t)numFrames);
-      m_Read->Read(m_ChunkMetadata.callstack.data(), m_ChunkMetadata.callstack.byteSize());
+        m_ChunkMetadata.callstack.resize((size_t)numFrames);
+        m_Read->Read(m_ChunkMetadata.callstack.data(), m_ChunkMetadata.callstack.byteSize());
+      }
+      else
+      {
+        RDCERR("Read invalid number of callstack frames: %u", numFrames);
+        // still read the size that we should, even though we expect this to be broken after here
+        m_Read->Read(NULL, numFrames * sizeof(uint64_t));
+      }
     }
 
     if(c & ChunkThreadID)