Fix an OOB read through CallSite.GetFunctionName

Fix an OOB read through CallSite.GetFunctionName

The func_index parameter passed to GetWasmFunctionNameFromTable can be
user-controlled through the CallSite constructor. Catch out-of-bounds
reads and return null as the function name in such cases.

This applies to the 5.3 branch and will be reverted on TOT in a bit.

BUG=632965
Committed: https://crrev.com/8592c450a68581d7257c1b2002983c0092cd749a
Cr-Commit-Position: refs/heads/master@{#38276}

[jgruber, 2016-08-02 14:56:28]

The CQ bit was checked by jgruber@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-08-02 14:56:30]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-02 15:33:09]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-08-02 15:33:10]

Dry run: This issue passed the CQ dry run.

[jgruber, 2016-08-03 06:53:18]

jgruber@chromium.org changed reviewers:
+ yangguo@chromium.org

[jgruber, 2016-08-03 06:53:19]

This is for fixing the issue in beta. We can revert this after it's been merged
onto 5.3.

[jgruber, 2016-08-03 06:54:15]

Description was changed from

==========
Fix an OOB read through CallSite.GetFunctionName

The func_index parameter passed to GetWasmFunctionNameFromTable can be
user-controlled through the CallSite constructor. Catch out-of-bounds
reads and return null as the function name in such cases.

BUG=632965
==========

to

==========
Fix an OOB read through CallSite.GetFunctionName

The func_index parameter passed to GetWasmFunctionNameFromTable can be
user-controlled through the CallSite constructor. Catch out-of-bounds
reads and return null as the function name in such cases.

This applies to the 5.3 branch and will be reverted on TOT in a bit.

BUG=632965
==========

[Yang, 2016-08-03 07:26:51]

On 2016/08/03 06:53:19, jgruber wrote:
> This is for fixing the issue in beta. We can revert this after it's been
merged
> onto 5.3.


LGTM.

[jgruber, 2016-08-03 07:28:05]

jgruber@chromium.org changed reviewers:
+ ahaas@chromium.org

[ahaas, 2016-08-03 07:31:52]

lgtm

[jgruber, 2016-08-03 07:32:52]

The CQ bit was checked by jgruber@chromium.org

[commit-bot: I haz the power, 2016-08-03 07:33:00]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-08-03 07:34:38]

Description was changed from

==========
Fix an OOB read through CallSite.GetFunctionName

The func_index parameter passed to GetWasmFunctionNameFromTable can be
user-controlled through the CallSite constructor. Catch out-of-bounds
reads and return null as the function name in such cases.

This applies to the 5.3 branch and will be reverted on TOT in a bit.

BUG=632965
==========

to

==========
Fix an OOB read through CallSite.GetFunctionName

The func_index parameter passed to GetWasmFunctionNameFromTable can be
user-controlled through the CallSite constructor. Catch out-of-bounds
reads and return null as the function name in such cases.

This applies to the 5.3 branch and will be reverted on TOT in a bit.

BUG=632965
==========

[commit-bot: I haz the power, 2016-08-03 07:34:39]

Committed patchset #1 (id:1)

[commit-bot: I haz the power, 2016-08-03 07:35:32]

Description was changed from

==========
Fix an OOB read through CallSite.GetFunctionName

The func_index parameter passed to GetWasmFunctionNameFromTable can be
user-controlled through the CallSite constructor. Catch out-of-bounds
reads and return null as the function name in such cases.

This applies to the 5.3 branch and will be reverted on TOT in a bit.

BUG=632965
==========

to

==========
Fix an OOB read through CallSite.GetFunctionName

The func_index parameter passed to GetWasmFunctionNameFromTable can be
user-controlled through the CallSite constructor. Catch out-of-bounds
reads and return null as the function name in such cases.

This applies to the 5.3 branch and will be reverted on TOT in a bit.

BUG=632965

Committed: https://crrev.com/8592c450a68581d7257c1b2002983c0092cd749a
Cr-Commit-Position: refs/heads/master@{#38276}
==========

[commit-bot: I haz the power, 2016-08-03 07:35:33]

Patchset 1 (id:??) landed as
https://crrev.com/8592c450a68581d7257c1b2002983c0092cd749a
Cr-Commit-Position: refs/heads/master@{#38276}

[jgruber, 2016-08-08 07:24:07]

A revert of this CL (patchset #1 id:1) has been created in
https://codereview.chromium.org/2225773002/ by jgruber@chromium.org.

The reason for reverting is: We can revert this now that it's landed on 5.3..