src/wasm/ast-decoder.cc - Issue 2290233008: [wasm] Validate the index of set local in AnalyzeLoopAssignment

Side by Side Diff: src/wasm/ast-decoder.cc

Issue 2290233008: [wasm] Validate the index of set local in AnalyzeLoopAssignment (Closed)

Patch Set: Created 4 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright 2015 the V8 project authors. All rights reserved.	1 // Copyright 2015 the V8 project authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "src/signature.h"	5 #include "src/signature.h"

6	6

7 #include "src/bit-vector.h"	7 #include "src/bit-vector.h"

8 #include "src/flags.h"	8 #include "src/flags.h"

9 #include "src/handles.h"	9 #include "src/handles.h"

10 #include "src/zone-containers.h"	10 #include "src/zone-containers.h"

(...skipping 1832 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1843 case kExprIf:	1843 case kExprIf:

1844 case kExprBlock:	1844 case kExprBlock:

1845 case kExprTryCatch:	1845 case kExprTryCatch:

1846 case kExprTryCatchFinally:	1846 case kExprTryCatchFinally:

1847 case kExprTryFinally:	1847 case kExprTryFinally:

1848 depth++;	1848 depth++;

1849 DCHECK_EQ(1, OpcodeLength(pc));	1849 DCHECK_EQ(1, OpcodeLength(pc));

1850 break;	1850 break;

1851 case kExprSetLocal: {	1851 case kExprSetLocal: {

1852 LocalIndexOperand operand(this, pc);	1852 LocalIndexOperand operand(this, pc);

1853 if (assigned->length() > 0 &&	1853 if (Validate(pc_, operand)) {
	titzer 2016/09/01 13:12:44 I think if you just remove the static_cast to int, I think if you just remove the static_cast to int, this will work. That was the intention of the check, anyway. ahaas 2016/09/01 13:53:15 Done. I think that calling Validate() would have a Show quoted text On 2016/09/01 at 13:12:44, titzer wrote: > I think if you just remove the static_cast to int, this will work. That was the intention of the check, anyway. Done. I think that calling Validate() would have actually been an error because Validate() causes an error state.
1854 static_cast<int>(operand.index) < assigned->length()) {	1854 if (assigned->length() > 0 &&

1855 // Unverified code might have an out-of-bounds index.	1855 static_cast<int>(operand.index) < assigned->length()) {

1856 assigned->Add(operand.index);	1856 // Unverified code might have an out-of-bounds index.

	1857 assigned->Add(operand.index);

	1858 }

1857 }	1859 }

1858 length = 1 + operand.length;	1860 length = 1 + operand.length;

1859 break;	1861 break;

1860 }	1862 }

1861 case kExprEnd:	1863 case kExprEnd:

1862 depth--;	1864 depth--;

1863 break;	1865 break;

1864 default:	1866 default:

1865 length = OpcodeLength(pc);	1867 length = OpcodeLength(pc);

1866 break;	1868 break;

(...skipping 197 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
2064 BitVector* AnalyzeLoopAssignmentForTesting(Zone* zone, size_t num_locals,	2066 BitVector* AnalyzeLoopAssignmentForTesting(Zone* zone, size_t num_locals,

2065 const byte* start, const byte* end) {	2067 const byte* start, const byte* end) {

2066 FunctionBody body = {nullptr, nullptr, nullptr, start, end};	2068 FunctionBody body = {nullptr, nullptr, nullptr, start, end};

2067 WasmFullDecoder decoder(zone, nullptr, body);	2069 WasmFullDecoder decoder(zone, nullptr, body);

2068 return decoder.AnalyzeLoopAssignmentForTesting(start, num_locals);	2070 return decoder.AnalyzeLoopAssignmentForTesting(start, num_locals);

2069 }	2071 }

2070	2072

2071 } // namespace wasm	2073 } // namespace wasm

2072 } // namespace internal	2074 } // namespace internal

2073 } // namespace v8	2075 } // namespace v8

OLD	NEW

« no previous file with comments | « no previous file | test/unittests/wasm/loop-assignment-analysis-unittest.cc » ('j') | no next file with comments »