christoph/wamr
1
Fork 0
Code Releases Activity

Refine is_xip_file and pointer range check (#965)

Browse Source 
Refine is_xip_file check, when e_type isn't E_TYPE_XIP, just return false
and no need to go through all the other sections of the AOT file.

Refine pointer range check, convert pointer to uintptr_t type before
comparison to yield possible sanitizer pointer overflow error.
This commit is contained in:
Wenyong Huang
2022-01-18 11:05:58 +08:00
committed by GitHub
parent 552f85075d
commit 8088783775
4 changed files with 20 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
core/iwasm/interpreter/wasm_loader.c
View File

@ -47,7 +47,8 @@ static bool
check_buf(const uint8 *buf, const uint8 *buf_end, uint32 length,
char *error_buf, uint32 error_buf_size)
{
if (buf + length < buf || buf + length > buf_end) {
if ((uintptr_t)buf + length < (uintptr_t)buf
|| (uintptr_t)buf + length > (uintptr_t)buf_end) {
set_error_buf(error_buf, error_buf_size,
"unexpected end of section or function");
return false;
@ -59,7 +60,8 @@ static bool
check_buf1(const uint8 *buf, const uint8 *buf_end, uint32 length,
char *error_buf, uint32 error_buf_size)
{
if (buf + length < buf || buf + length > buf_end) {
if ((uintptr_t)buf + length < (uintptr_t)buf
|| (uintptr_t)buf + length > (uintptr_t)buf_end) {
set_error_buf(error_buf, error_buf_size, "unexpected end");
return false;
}