[wasm] Break loops in the module-decoder upon error.

src/wasm/module-decoder.cc

 // Copyright 2015 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/wasm/module-decoder.h"
 
 #include "src/base/functional.h"
 #include "src/base/platform/platform.h"
 #include "src/macro-assembler.h"
 #include "src/objects.h"
@@ skipping 169 matching lines @@
         case WasmSection::Code::FunctionBodies: {
           const byte* pos = pc_;
           uint32_t functions_count = consume_u32v("functions count");
           if (functions_count != module->functions.size()) {
             error(pos, pos, "function body count %u mismatch (%u expected)",
                   functions_count,
                   static_cast<uint32_t>(module->functions.size()));
             break;
           }
           for (uint32_t i = 0; i < functions_count; ++i) {
+            if (failed()) break;

[titzer, 2016/09/22 09:53:11]

Can we change all these loops to be for(x, ok() && y; x++)?

This is the format I've used in 0xC

[ahaas, 2016/09/22 12:35:09]

Done.

             WasmFunction* function = &module->functions[i];
             uint32_t size = consume_u32v("body size");
             function->code_start_offset = pc_offset();
             function->code_end_offset = pc_offset() + size;
 
             TRACE("  +%d  %-20s: (%d bytes)\n", pc_offset(), "function body",
                   size);
             pc_ += size;
             if (pc_ > limit_) {
               error(pc_, "function body extends beyond end of file");
             }
           }
           break;
         }
         case WasmSection::Code::Names: {
           const byte* pos = pc_;
           uint32_t functions_count = consume_u32v("functions count");
           if (functions_count != module->functions.size()) {
             error(pos, pos, "function name count %u mismatch (%u expected)",
                   functions_count,
                   static_cast<uint32_t>(module->functions.size()));
             break;
           }
 
           for (uint32_t i = 0; i < functions_count; ++i) {
+            if (failed()) break;
             WasmFunction* function = &module->functions[i];
             function->name_offset =
                 consume_string(&function->name_length, false);
 
             uint32_t local_names_count = consume_u32v("local names count");
             for (uint32_t j = 0; j < local_names_count; j++) {
+              if (failed()) break;
               uint32_t unused = 0;
               uint32_t offset = consume_string(&unused, false);
               USE(unused);
               USE(offset);
             }
           }
           break;
         }
         case WasmSection::Code::Globals: {
           uint32_t globals_count = consume_u32v("globals count");
@@ skipping 281 matching lines @@
   void DecodeFunctionTableInModule(WasmModule* module,
                                    WasmIndirectFunctionTable* table) {
     table->size = consume_u32v("function table entry count");
     table->max_size = table->size;
 
     if (table->max_size != table->size) {
       error("invalid table maximum size");
     }
 
     for (uint32_t i = 0; i < table->size; ++i) {
+      if (failed()) break;
       uint16_t index = consume_u32v();
       if (index >= module->functions.size()) {
         error(pc_ - sizeof(index), "invalid function index");
         break;
       }
       table->values.push_back(index);
     }
   }
 
   // Calculate individual global offsets and total size of globals table.
@@ skipping 289 matching lines @@
     decoder.consume_bytes(size);
   }
   if (decoder.more()) decoder.error("unexpected additional bytes");
 
   return decoder.toResult(std::move(table));
 }
 
 }  // namespace wasm
 }  // namespace internal
 }  // namespace v8