Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(48)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/wasm/module-decoder.cc

Issue 2486973003: [wasm] Data section without memory causes a validation error (Closed)
Patch Set: Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | src/wasm/wasm-module.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 the V8 project authors. All rights reserved. 1 // Copyright 2015 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/wasm/module-decoder.h" 5 #include "src/wasm/module-decoder.h"
6 6
7 #include "src/base/functional.h" 7 #include "src/base/functional.h"
8 #include "src/base/platform/platform.h" 8 #include "src/base/platform/platform.h"
9 #include "src/flags.h" 9 #include "src/flags.h"
10 #include "src/macro-assembler.h" 10 #include "src/macro-assembler.h"
(...skipping 309 matching lines...) Expand 10 before | Expand all | Expand 10 after
320 &table->max_size); 320 &table->max_size);
321 break; 321 break;
322 } 322 }
323 case kExternalMemory: { 323 case kExternalMemory: {
324 // ===== Imported memory ========================================= 324 // ===== Imported memory =========================================
325 bool has_max = false; 325 bool has_max = false;
326 consume_resizable_limits("memory", "pages", WasmModule::kV8MaxPages, 326 consume_resizable_limits("memory", "pages", WasmModule::kV8MaxPages,
327 &module->min_mem_pages, &has_max, 327 &module->min_mem_pages, &has_max,
328 WasmModule::kSpecMaxPages, 328 WasmModule::kSpecMaxPages,
329 &module->max_mem_pages); 329 &module->max_mem_pages);
330 module->has_memory = true;
330 break; 331 break;
331 } 332 }
332 case kExternalGlobal: { 333 case kExternalGlobal: {
333 // ===== Imported global ========================================= 334 // ===== Imported global =========================================
334 import->index = static_cast<uint32_t>(module->globals.size()); 335 import->index = static_cast<uint32_t>(module->globals.size());
335 module->globals.push_back( 336 module->globals.push_back(
336 {kAstStmt, false, WasmInitExpr(), 0, true, false}); 337 {kAstStmt, false, WasmInitExpr(), 0, true, false});
337 WasmGlobal* global = &module->globals.back(); 338 WasmGlobal* global = &module->globals.back();
338 global->type = consume_value_type(); 339 global->type = consume_value_type();
339 global->mutability = consume_u8("mutability") != 0; 340 global->mutability = consume_u8("mutability") != 0;
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
404 if (memory_count > 1) { 405 if (memory_count > 1) {
405 error(pos, pos, "invalid memory count %d, maximum 1", memory_count); 406 error(pos, pos, "invalid memory count %d, maximum 1", memory_count);
406 } 407 }
407 408
408 for (uint32_t i = 0; ok() && i < memory_count; i++) { 409 for (uint32_t i = 0; ok() && i < memory_count; i++) {
409 bool has_max = false; 410 bool has_max = false;
410 consume_resizable_limits( 411 consume_resizable_limits(
411 "memory", "pages", WasmModule::kV8MaxPages, &module->min_mem_pages, 412 "memory", "pages", WasmModule::kV8MaxPages, &module->min_mem_pages,
412 &has_max, WasmModule::kSpecMaxPages, &module->max_mem_pages); 413 &has_max, WasmModule::kSpecMaxPages, &module->max_mem_pages);
413 } 414 }
415 module->has_memory = true;
414 section_iter.advance(); 416 section_iter.advance();
415 } 417 }
416 418
417 // ===== Global section ================================================== 419 // ===== Global section ==================================================
418 if (section_iter.section_code() == kGlobalSectionCode) { 420 if (section_iter.section_code() == kGlobalSectionCode) {
419 uint32_t globals_count = consume_u32v("globals count"); 421 uint32_t globals_count = consume_u32v("globals count");
420 uint32_t imported_globals = static_cast<uint32_t>(module->globals.size()); 422 uint32_t imported_globals = static_cast<uint32_t>(module->globals.size());
421 if (!IsWithinLimit(std::numeric_limits<int32_t>::max(), globals_count, 423 if (!IsWithinLimit(std::numeric_limits<int32_t>::max(), globals_count,
422 imported_globals)) { 424 imported_globals)) {
423 error(pos, pos, "too many imported+defined globals: %u + %u", 425 error(pos, pos, "too many imported+defined globals: %u + %u",
(...skipping 163 matching lines...) Expand 10 before | Expand all | Expand 10 after
587 consume_bytes(size, "function body"); 589 consume_bytes(size, "function body");
588 } 590 }
589 section_iter.advance(); 591 section_iter.advance();
590 } 592 }
591 593
592 // ===== Data section ==================================================== 594 // ===== Data section ====================================================
593 if (section_iter.section_code() == kDataSectionCode) { 595 if (section_iter.section_code() == kDataSectionCode) {
594 uint32_t data_segments_count = consume_u32v("data segments count"); 596 uint32_t data_segments_count = consume_u32v("data segments count");
595 module->data_segments.reserve(SafeReserve(data_segments_count)); 597 module->data_segments.reserve(SafeReserve(data_segments_count));
596 for (uint32_t i = 0; ok() && i < data_segments_count; ++i) { 598 for (uint32_t i = 0; ok() && i < data_segments_count; ++i) {
599 if (!module->has_memory) {
600 error("cannot load data without memory");
601 break;
602 }
597 TRACE("DecodeDataSegment[%d] module+%d\n", i, 603 TRACE("DecodeDataSegment[%d] module+%d\n", i,
598 static_cast<int>(pc_ - start_)); 604 static_cast<int>(pc_ - start_));
599 module->data_segments.push_back({ 605 module->data_segments.push_back({
600 WasmInitExpr(), // dest_addr 606 WasmInitExpr(), // dest_addr
601 0, // source_offset 607 0, // source_offset
602 0 // source_size 608 0 // source_size
603 }); 609 });
604 WasmDataSegment* segment = &module->data_segments.back(); 610 WasmDataSegment* segment = &module->data_segments.back();
605 DecodeDataSegmentInModule(module, segment); 611 DecodeDataSegmentInModule(module, segment);
606 } 612 }
(...skipping 601 matching lines...) Expand 10 before | Expand all | Expand 10 after
1208 table.push_back(std::move(func_asm_offsets)); 1214 table.push_back(std::move(func_asm_offsets));
1209 } 1215 }
1210 if (decoder.more()) decoder.error("unexpected additional bytes"); 1216 if (decoder.more()) decoder.error("unexpected additional bytes");
1211 1217
1212 return decoder.toResult(std::move(table)); 1218 return decoder.toResult(std::move(table));
1213 } 1219 }
1214 1220
1215 } // namespace wasm 1221 } // namespace wasm
1216 } // namespace internal 1222 } // namespace internal
1217 } // namespace v8 1223 } // namespace v8
OLDNEW
« no previous file with comments | « no previous file | src/wasm/wasm-module.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698