[PATCH] D37070: [WebAssembly] Fix overflow for input without version

Jonas Devlieghere via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Wed Aug 23 12:52:19 PDT 2017


JDevlieghere updated this revision to Diff 112425.
JDevlieghere added a comment.

Running the tests identified an off-by-one error: must be `<` rather than `<=`


Repository:
  rL LLVM

https://reviews.llvm.org/D37070

Files:
  lib/Object/WasmObjectFile.cpp
  test/Object/Inputs/WASM/missing-version.wasm
  test/Object/wasm-missing-version.test


Index: test/Object/wasm-missing-version.test
===================================================================
--- /dev/null
+++ test/Object/wasm-missing-version.test
@@ -0,0 +1,2 @@
+# RUN: not llvm-objdump -h %p/Inputs/WASM/missing-version.wasm 2>&1 | FileCheck %s
+# CHECK: {{.*}}: Missing version number
Index: lib/Object/WasmObjectFile.cpp
===================================================================
--- lib/Object/WasmObjectFile.cpp
+++ lib/Object/WasmObjectFile.cpp
@@ -203,15 +203,23 @@
                                   object_error::parse_failed);
     return;
   }
+
+  const uint8_t *Eof = getPtr(getData().size());
   const uint8_t *Ptr = getPtr(4);
+
+  if (Ptr + 4 > Eof) {
+    Err = make_error<StringError>("Missing version number",
+                                  object_error::parse_failed);
+    return;
+  }
+
   Header.Version = readUint32(Ptr);
   if (Header.Version != wasm::WasmVersion) {
     Err = make_error<StringError>("Bad version number",
                                   object_error::parse_failed);
     return;
   }
 
-  const uint8_t *Eof = getPtr(getData().size());
   WasmSection Sec;
   while (Ptr < Eof) {
     if ((Err = readSection(Sec, Ptr, getPtr(0))))


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D37070.112425.patch
Type: text/x-patch
Size: 1213 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20170823/235fdf72/attachment.bin>


More information about the llvm-commits mailing list