Fix fast interpreter constant space overflow issue (#1071)

Fix the potential integer overflow of const index in const space of fast interpreter, emit i32/i64.const opcode when the const index is larger than INT32_MAX. And add check for the function local cell num.
2022-04-04 07:55:37 +08:00
parent 5e0ee67d48
commit f0dc6a3015
3 changed files with 247 additions and 33 deletions
--- a/core/iwasm/interpreter/wasm_interp_fast.c
+++ b/core/iwasm/interpreter/wasm_interp_fast.c
@ -1773,6 +1773,33 @@ wasm_interp_call_func_bytecode(WASMModuleInstance *module,
                HANDLE_OP_END();
            }

+            /* constant instructions */
+            HANDLE_OP(WASM_OP_F64_CONST)
+            HANDLE_OP(WASM_OP_I64_CONST)
+            {
+                uint8 *orig_ip = frame_ip;
+
+                frame_ip += sizeof(uint64);
+                addr_ret = GET_OFFSET();
+
+                bh_memcpy_s(frame_lp + addr_ret, sizeof(uint64), orig_ip,
+                            sizeof(uint64));
+                HANDLE_OP_END();
+            }
+
+            HANDLE_OP(WASM_OP_F32_CONST)
+            HANDLE_OP(WASM_OP_I32_CONST)
+            {
+                uint8 *orig_ip = frame_ip;
+
+                frame_ip += sizeof(uint32);
+                addr_ret = GET_OFFSET();
+
+                bh_memcpy_s(frame_lp + addr_ret, sizeof(uint32), orig_ip,
+                            sizeof(uint32));
+                HANDLE_OP_END();
+            }
+
            /* comparison instructions of i32 */
            HANDLE_OP(WASM_OP_I32_EQZ)
            {
@ -3496,10 +3523,6 @@ wasm_interp_call_func_bytecode(WASMModuleInstance *module,
        HANDLE_OP(WASM_OP_F64_LOAD)
        HANDLE_OP(EXT_OP_GET_LOCAL_FAST)
        HANDLE_OP(WASM_OP_GET_LOCAL)
-        HANDLE_OP(WASM_OP_F64_CONST)
-        HANDLE_OP(WASM_OP_I64_CONST)
-        HANDLE_OP(WASM_OP_F32_CONST)
-        HANDLE_OP(WASM_OP_I32_CONST)
        HANDLE_OP(WASM_OP_DROP)
        HANDLE_OP(WASM_OP_DROP_64)
        HANDLE_OP(WASM_OP_BLOCK)