From 0993aba32165e0ee4e8db40528c148909b76553e Mon Sep 17 00:00:00 2001
From: Stephan Unverwerth <s.unverwerth@serenityos.org>
Date: Wed, 21 Dec 2022 16:01:34 +0100
Subject: [PATCH] LibVirtGPU: Add length verification to append_create_shader()

---
 Userland/Libraries/LibVirtGPU/CommandBufferBuilder.cpp | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Userland/Libraries/LibVirtGPU/CommandBufferBuilder.cpp b/Userland/Libraries/LibVirtGPU/CommandBufferBuilder.cpp
index 8db8707dba..887a653ebf 100644
--- a/Userland/Libraries/LibVirtGPU/CommandBufferBuilder.cpp
+++ b/Userland/Libraries/LibVirtGPU/CommandBufferBuilder.cpp
@@ -273,6 +273,8 @@ void CommandBufferBuilder::append_set_constant_buffer(Vector<float> const& const
 void CommandBufferBuilder::append_create_shader(Protocol::ObjectHandle handle, Gallium::ShaderType shader_type, StringView shader_data)
 {
     size_t shader_len = shader_data.length() + 1; // Need to remember to copy null terminator as well if needed
+    VERIFY(shader_len <= NumericLimits<u32>::max());
+
     CommandBuilder builder(m_buffer, Protocol::VirGLCommand::CREATE_OBJECT, Protocol::ObjectType::SHADER);
     builder.appendu32(handle.value()); // VIRGL_OBJ_CREATE_HANDLE
     builder.appendu32(to_underlying(shader_type));