From 1e42e4a3903708afb19143e15c039457318c5cd8 Mon Sep 17 00:00:00 2001
From: Alyssa Rosenzweig <alyssa@rosenzweig.io>
Date: Sat, 2 Apr 2022 22:21:15 -0400
Subject: [PATCH] asahi: Validate segment list length

This is easy now!

Signed-off-by: Alyssa Rosenzweig <alyssa@rosenzweig.io>
Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/16512>
---
 src/asahi/lib/decode.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/asahi/lib/decode.c b/src/asahi/lib/decode.c
index 6f04443de61..e664f2e7da4 100644
--- a/src/asahi/lib/decode.c
+++ b/src/asahi/lib/decode.c
@@ -136,7 +136,6 @@ agxdecode_decode_segment_list(void *segment_list)
    }
 
    fprintf(agxdecode_dump_stream, "Segment list:\n");
-   fprintf(agxdecode_dump_stream, "  Length: %u\n", hdr->length);
    fprintf(agxdecode_dump_stream, "  Command buffer shmem ID: %" PRIx64 "\n", hdr->cmdbuf_id);
    fprintf(agxdecode_dump_stream, "  Encoder ID: %" PRIx64 "\n", hdr->encoder_id);
    fprintf(agxdecode_dump_stream, "  Kernel commands start offset: %u\n",
@@ -145,6 +144,15 @@ agxdecode_decode_segment_list(void *segment_list)
          hdr->kernel_commands_end_offset);
    fprintf(agxdecode_dump_stream, "  Unknown: 0x%X\n", hdr->unk);
 
+   /* Expected structure: header followed by resource groups */
+   size_t length = sizeof(struct agx_map_header);
+   length += sizeof(struct agx_map_entry) * hdr->resource_group_count;
+
+   if (length != hdr->length) {
+      fprintf(agxdecode_dump_stream, "ERROR: expected length %zu, got %u\n",
+              length, hdr->length);
+   }
+
    if (hdr->padding[0] || hdr->padding[1])
       fprintf(agxdecode_dump_stream, "ERROR - padding tripped\n");