christoph/wamr
1
Fork 0
Code Releases Activity

Add more operand stack overflow checks for fast-interp (#1104)

Browse Source 
And clear some compile warnings on Windows
This commit is contained in:
Wenyong Huang
2022-04-20 16:19:12 +08:00
committed by GitHub
parent 0f505aafd9
commit d6e781af28
5 changed files with 29 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
core/iwasm/interpreter/wasm_interp_fast.c
View File

@ -3602,6 +3602,13 @@ wasm_interp_call_func_bytecode(WASMModuleInstance *module,
{
outs_area->lp = outs_area->operand + cur_func->const_cell_num;
}
if ((uint8 *)(outs_area->lp + cur_func->param_cell_num)
> exec_env->wasm_stack.s.top_boundary) {
wasm_set_exception(module, "wasm operand stack overflow");
goto got_exception;
}
for (i = 0; i < cur_func->param_count; i++) {
if (cur_func->param_types[i] == VALUE_TYPE_I64
|| cur_func->param_types[i] == VALUE_TYPE_F64) {
@ -3790,6 +3797,13 @@ wasm_interp_call_wasm(WASMModuleInstance *module_inst, WASMExecEnv *exec_env,
frame->lp = frame->operand + 0;
frame->ret_offset = 0;
if ((uint8 *)(outs_area->operand + function->const_cell_num + argc)
> exec_env->wasm_stack.s.top_boundary) {
wasm_set_exception((WASMModuleInstance *)exec_env->module_inst,
"wasm operand stack overflow");
return;
}
if (argc > 0)
word_copy(outs_area->operand + function->const_cell_num, argv, argc);

4
core/iwasm/interpreter/wasm_loader.c
View File

@ -4976,8 +4976,8 @@ wasm_loader_emit_const(WASMLoaderContext *ctx, void *value, bool is_32_bit)
bh_assert(((uintptr_t)ctx->p_code_compiled & 1) == 0);
#endif
bh_memcpy_s(ctx->p_code_compiled,
ctx->p_code_compiled_end - ctx->p_code_compiled, value,
size);
(uint32)(ctx->p_code_compiled_end - ctx->p_code_compiled),
value, size);
ctx->p_code_compiled += size;
}
else {

4
core/iwasm/interpreter/wasm_mini_loader.c
View File

@ -3501,8 +3501,8 @@ wasm_loader_emit_const(WASMLoaderContext *ctx, void *value, bool is_32_bit)
bh_assert(((uintptr_t)ctx->p_code_compiled & 1) == 0);
#endif
bh_memcpy_s(ctx->p_code_compiled,
ctx->p_code_compiled_end - ctx->p_code_compiled, value,
size);
(uint32)(ctx->p_code_compiled_end - ctx->p_code_compiled),
value, size);
ctx->p_code_compiled += size;
}
else {