Fix potential pointer overflows (#826)
Fix some potential pointer overflows when applying AOT relocations and in several other places, and add sanitizer compiler flags to the wamrc CMakeLists.txt to detect such issues.
@ -2351,16 +2351,16 @@ aot_resolve_object_relocation_group(AOTObjectData *obj_data,
|
||||
/* parse relocation addend from reloction content */
|
||||
if (has_addend) {
|
||||
if (is_binary_32bit) {
|
||||
uint32 addend =
|
||||
(uint32)(((struct elf32_rela *)rela_content)->r_addend);
|
||||
int32 addend =
|
||||
(int32)(((struct elf32_rela *)rela_content)->r_addend);
|
||||
if (is_binary_little_endian != is_little_endian())
|
||||
exchange_uint32((uint8 *)&addend);
|
||||
relocation->relocation_addend = (uint64)addend;
|
||||
relocation->relocation_addend = (int64)addend;
|
||||
rela_content += sizeof(struct elf32_rela);
|
||||
}
|
||||
else {
|
||||
uint64 addend =
|
||||
(uint64)(((struct elf64_rela *)rela_content)->r_addend);
|
||||
int64 addend =
|
||||
(int64)(((struct elf64_rela *)rela_content)->r_addend);
|
||||
if (is_binary_little_endian != is_little_endian())
|
||||
exchange_uint64((uint8 *)&addend);
|
||||
relocation->relocation_addend = addend;
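Review bot: Neither branch checks that a whole `struct elf32_rela` / `struct elf64_rela` entry still fits in the relocation section before `r_addend` is read through the cast of `rela_content`, so a short or malformed section would be read past its end. The function starts and ends outside this hunk, so the bound may already be enforced by the caller or the surrounding loop; if it is not, compare the remaining bytes against `sizeof(struct elf32_rela)` (or the 64-bit size) before the cast and fail the resolve otherwise. The signedness change also deserves a comment, since the fix depends on it: `/* r_addend is signed; keep it int32 so widening to 64 bits sign-extends */`.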
|
||||
|
||||
@ -422,9 +422,14 @@ aot_compile_op_block(AOTCompContext *comp_ctx, AOTFuncContext *func_ctx,
|
||||
/* Init aot block data */
|
||||
block->label_type = label_type;
|
||||
block->param_count = param_count;
|
||||
memcpy(block->param_types, param_types, param_count);
|
||||
if (param_count) {
|
||||
bh_memcpy_s(block->param_types, param_count, param_types, param_count);
|
||||
}
|
||||
block->result_count = result_count;
|
||||
memcpy(block->result_types, result_types, result_count);
|
||||
if (result_count) {
|
||||
bh_memcpy_s(block->result_types, result_count, result_types,
|
||||
result_count);
|
||||
}
|
||||
block->wasm_code_else = else_addr;
|
||||
block->wasm_code_end = end_addr;
|
||||
block->block_index = func_ctx->block_stack.block_index[label_type];
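Review bot: The second argument of `bh_memcpy_s(block->param_types, param_count, param_types, param_count)` is the copy length again rather than the capacity of the destination, so the bounded copy cannot detect an undersized `block->param_types`; the same holds for the `result_types` copy here and for both copies in the `aot_create_func_block` hunk. The allocations are outside these hunks; if the allocated size is available at this point, pass that as the destination size instead. The `if (param_count)` and `if (result_count)` guards presumably exist because the type pointers can be NULL when the count is zero, which is worth stating next to them: `/* types may be NULL when the count is 0; skip the copy */`.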
|
||||
|
||||
@ -162,10 +162,15 @@ aot_create_func_block(AOTCompContext *comp_ctx, AOTFuncContext *func_ctx,
|
||||
/* Set block data */
|
||||
aot_block->label_type = LABEL_TYPE_FUNCTION;
|
||||
aot_block->param_count = param_count;
|
||||
memcpy(aot_block->param_types, aot_func_type->types, param_count);
|
||||
if (param_count) {
|
||||
bh_memcpy_s(aot_block->param_types, param_count, aot_func_type->types,
|
||||
param_count);
|
||||
}
|
||||
aot_block->result_count = result_count;
|
||||
memcpy(aot_block->result_types, aot_func_type->types + param_count,
|
||||
result_count);
|
||||
if (result_count) {
|
||||
bh_memcpy_s(aot_block->result_types, result_count,
|
||||
aot_func_type->types + param_count, result_count);
|
||||
}
|
||||
aot_block->wasm_code_end = func->code + func->code_size;
|
||||
|
||||
/* Add function entry block */
|
||||
|
||||