llvm

82c92ad7 - [UR][CUDA/HIP/OFFLOAD] Fix heap buffer overflow in kernel argument handling

[UR][CUDA/HIP/OFFLOAD] Fix heap buffer overflow in kernel argument handling Security: Prevent heap buffer overflow when setting kernel arguments with invalid sizes. The original code had critical security issues: 1. CUDA/HIP: assert() compiled out in release builds (-DNDEBUG) 2. OFFLOAD: NO bounds checking at all An attacker could exploit this by: - CUDA/HIP: Setting small arg initially, then updating with larger size - OFFLOAD: Single call with large size (easier exploit - 1 step) Changes: - CUDA/HIP: Replace debug-only assert() with runtime validation in UPDATE path - OFFLOAD: Add bounds checking BEFORE memcpy - Throw appropriate error codes on size violations Affected API: urKernelSetArgValue() Severity: CRITICAL (heap corruption, potential RCE)