Fix some issues reported by CodeQL (#3064)

Refer to https://github.com/bytecodealliance/wasm-micro-runtime/pull/2812 and https://github.com/bytecodealliance/wasm-micro-runtime/security/code-scanning?query=pr%3A2812+is%3Aopen
2024-01-23 21:38:30 +08:00
parent ab97d543e0
commit 9f64340529
9 changed files with 20 additions and 17 deletions
--- a/core/iwasm/common/wasm_c_api.c
+++ b/core/iwasm/common/wasm_c_api.c
@ -2294,7 +2294,7 @@ wasm_module_new(wasm_store_t *store, const wasm_byte_vec_t *binary)
        (uint8 *)module_ex->binary->data, (uint32)module_ex->binary->size,
        error_buf, (uint32)sizeof(error_buf));
    if (!(module_ex->module_comm_rt)) {
-        LOG_ERROR(error_buf);
+        LOG_ERROR("%s", error_buf);
        goto free_vec;
    }

@ -2367,7 +2367,7 @@ wasm_module_validate(wasm_store_t *store, const wasm_byte_vec_t *binary)
    }
    else {
        ret = false;
-        LOG_VERBOSE(error_buf);
+        LOG_VERBOSE("%s", error_buf);
    }

    return ret;
@ -3359,7 +3359,7 @@ wasm_func_call(const wasm_func_t *func, const wasm_val_vec_t *params,
    wasm_runtime_set_exception(func->inst_comm_rt, NULL);
    if (!wasm_runtime_call_wasm(exec_env, func_comm_rt, argc, argv)) {
        if (wasm_runtime_get_exception(func->inst_comm_rt)) {
-            LOG_DEBUG(wasm_runtime_get_exception(func->inst_comm_rt));
+            LOG_DEBUG("%s", wasm_runtime_get_exception(func->inst_comm_rt));
            goto failed;
        }
    }
@ -5044,7 +5044,7 @@ failed:
        *trap = wasm_trap_new(store, &message);
        wasm_byte_vec_delete(&message);
    }
-    LOG_DEBUG(error_buf);
+    LOG_DEBUG("%s", error_buf);
    wasm_instance_delete_internal(instance);
    return NULL;
 }
--- a/core/iwasm/common/wasm_native.c
+++ b/core/iwasm/common/wasm_native.c
@ -194,7 +194,7 @@ wasm_native_resolve_symbol(const char *module_name, const char *field_name,
 {
    NativeSymbolsNode *node, *node_next;
    const char *signature = NULL;
-    void *func_ptr = NULL, *attachment;
+    void *func_ptr = NULL, *attachment = NULL;

    node = g_native_symbols_list;
    while (node) {
--- a/core/iwasm/common/wasm_runtime_common.c
+++ b/core/iwasm/common/wasm_runtime_common.c
@ -2905,7 +2905,8 @@ copy_string_array(const char *array[], uint32 array_size, char **buf_ptr,
    /* We add +1 to generate null-terminated array of strings */
    total_size = sizeof(char *) * ((uint64)array_size + 1);
    if (total_size >= UINT32_MAX
-        || (total_size > 0 && !(list = wasm_runtime_malloc((uint32)total_size)))
+        /* total_size must be larger than 0, don' check it again */
+        || !(list = wasm_runtime_malloc((uint32)total_size))
        || buf_size >= UINT32_MAX
        || (buf_size > 0 && !(buf = wasm_runtime_malloc((uint32)buf_size)))) {