[llvm] [WebAssembly] Limit increase of Ctx.End (PR #76676)
Derek Schuff via llvm-commits
llvm-commits at lists.llvm.org
Wed Feb 14 10:50:54 PST 2024
dschuff wrote:
Not that it necessarily needs to block this PR, but:
I've been working in this file lately and thought about this recently, and it occurred to me that this change is really very limited in that it only protects against a corrupted linking section. But every section has a header, some have subsections like the linking section, and most sections have vectors with size fields, and this same kind of problem could happen in any of those cases. If we really care about defending against buffer overflows caused by corrupted or malicious input files, we should do something more comprehensive, e.g. change how Ctx.Ptr is updated to centralize this checking. And this is just the object file parser... do LLVM's other parsers have similar goals or threat models? What is our threat model that would tell us how far we should take this work?
https://github.com/llvm/llvm-project/pull/76676
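The centralized check suggested in the comment above, sketched as an added example (not code from the PR or from LLVM): a hypothetical `Cursor` whose `Ptr` moves only through one bounds-checked `advance()`, so section headers, subsections and size-prefixed vectors all inherit the same check against `End`. `Cursor`, `readRecord` and the sample bytes are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
// Hypothetical cursor (not LLVM's ReadContext): Ptr moves only via advance().
struct Cursor {
  const uint8_t *Ptr, *End;
  // Compare N with the bytes left; forming Ptr + N first could leave the buffer.
  bool advance(uint64_t N) {
    if (N > static_cast<uint64_t>(End - Ptr)) return false;
    Ptr += N;
    return true;
  }
  bool readByte(uint8_t &Out) {
    if (!advance(1)) return false;
    Out = Ptr[-1];
    return true;
  }
  // Unsigned LEB128 limited to 32 bits, the encoding of wasm size fields.
  bool readULEB32(uint32_t &Out) {
    uint64_t Value = 0;
    for (unsigned Shift = 0; Shift < 35; Shift += 7) {
      uint8_t B;
      if (!readByte(B)) return false;
      Value |= static_cast<uint64_t>(B & 0x7f) << Shift;
      if (B & 0x80) continue;
      Out = static_cast<uint32_t>(Value);
      return Value <= UINT32_MAX;
    }
    return false; // continuation bit still set after 5 bytes
  }
  // Carve out a child range; its End can never exceed the parent's End.
  bool sub(uint64_t Size, Cursor &Child) {
    if (!advance(Size)) return false;
    Child = Cursor{Ptr - Size, Ptr};
    return true;
  }
};

// Reads one "id, size, payload" record (the shape sections and subsections
// share). Returns the payload size, or -1 if the input is malformed.
long readRecord(const uint8_t *Data, size_t Len) {
  Cursor C{Data, Data + Len}, Payload{nullptr, nullptr};
  uint8_t Id; uint32_t Size;
  if (!C.readByte(Id) || !C.readULEB32(Size) || !C.sub(Size, Payload))
    return -1;
  return static_cast<long>(Payload.End - Payload.Ptr);
}
// Constructed inputs: a valid record, and one whose size field overruns.
const uint8_t Good[] = {0x08, 0x03, 0xaa, 0xbb, 0xcc};
const uint8_t Bad[] = {0x08, 0x7f, 0xaa, 0xbb, 0xcc};
```

Nested structures are parsed by calling the same readers on the child `Cursor`, so a corrupted inner size cannot move past the enclosing section.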