From bf10d42ff36887284b138328d69f2a326ab39cc3 Mon Sep 17 00:00:00 2001
From: Thomas Lively
Date: Mon, 19 Aug 2024 18:50:10 -0700
Subject: [PATCH 1/2] Fix encoding of heap type definitions The leading bytes that indicate what kind of heap type is being defined are bytes, but we were previously treating them as SLEB128-encoded values. Since we emit the smallest LEB encodings possible, we were writing the correct bytes in output files, but we were also improperly accepting binaries that used more than one byte to encode these values. This was caught by an upstream spec test.
---
 scripts/test/shared.py | 5 +-
 src/wasm-binary.h | 18 +-
 src/wasm/wasm-binary.cpp | 28 +-
 test/spec/binary-leb128.wast | 963 -----------------------------------
 4 files changed, 25 insertions(+), 989 deletions(-)
 delete mode 100644 test/spec/binary-leb128.wast
diff --git a/scripts/test/shared.py b/scripts/test/shared.py
index 08aebcdd3a8..c3878fa82cb 100644
--- a/scripts/test/shared.py
+++ b/scripts/test/shared.py
@@ -412,9 +412,8 @@ def get_tests(test_dir, extensions=[], recursive=False):
 'elem.wast',
 ]
 SPEC_TESTSUITE_TESTS_TO_SKIP = [
- 'address.wast',
- 'align.wast',
- 'binary-leb128.wast',
+ 'address.wast', # 64-bit offset allowed by memory64
+ 'align.wast', # Alignment bit 6 used by multi-memory
 'binary.wast',
 'block.wast',
 'br_table.wast',
diff --git a/src/wasm-binary.h b/src/wasm-binary.h
index 32eb7657c59..8c199022487 100644
--- a/src/wasm-binary.h
+++ b/src/wasm-binary.h
@@ -376,15 +376,15 @@ enum EncodedType {
 // string reference types
 stringref = -0x19, // 0x67
 // type forms
- Func = -0x20, // 0x60
- Cont = -0x23, // 0x5d
- Struct = -0x21, // 0x5f
- Array = -0x22, // 0x5e
- Sub = -0x30, // 0x50
- SubFinal = -0x31, // 0x4f
- Shared = -0x1b, // 0x65
- // isorecursive recursion groups
- Rec = -0x32, // 0x4e
+ Func = 0x60,
+ Cont = 0x5d,
+ Struct = 0x5f,
+ Array = 0x5e,
+ Sub = 0x50,
+ SubFinal = 0x4f,
+ SharedDef = 0x65,
+ Shared = -0x1b, // Also 0x65 as an SLEB128
+ Rec = 0x4e,
 // block_type
 Empty = -0x40, // 0x40
 };
diff --git a/src/wasm/wasm-binary.cpp b/src/wasm/wasm-binary.cpp
index 8565ddaadb1..47c93bead3a 100644
--- a/src/wasm/wasm-binary.cpp
+++ b/src/wasm/wasm-binary.cpp
@@ -269,7 +269,7 @@ void WasmBinaryWriter::writeTypes() {
 // size 1 are implicit, so only emit a group header for larger groups.
 auto currGroup = type.getRecGroup();
 if (lastGroup != currGroup && currGroup.size() > 1) {
- o << S32LEB(BinaryConsts::EncodedType::Rec) << U32LEB(currGroup.size());
+ o << uint8_t(BinaryConsts::EncodedType::Rec) << U32LEB(currGroup.size());
 }
 lastGroup = currGroup;
 // Emit the type definition.
@@ -277,9 +277,9 @@ void WasmBinaryWriter::writeTypes() {
 auto super = type.getDeclaredSuperType();
 if (super || type.isOpen()) {
 if (type.isOpen()) {
- o << S32LEB(BinaryConsts::EncodedType::Sub);
+ o << uint8_t(BinaryConsts::EncodedType::Sub);
 } else {
- o << S32LEB(BinaryConsts::EncodedType::SubFinal);
+ o << uint8_t(BinaryConsts::EncodedType::SubFinal);
 }
 if (super) {
 o << U32LEB(1);
@@ -289,11 +289,11 @@ void WasmBinaryWriter::writeTypes() {
 }
 }
 if (type.isShared()) {
- o << S32LEB(BinaryConsts::EncodedType::Shared);
+ o << uint8_t(BinaryConsts::EncodedType::SharedDef);
 }
 switch (type.getKind()) {
 case HeapTypeKind::Func: {
- o << S32LEB(BinaryConsts::EncodedType::Func);
+ o << uint8_t(BinaryConsts::EncodedType::Func);
 auto sig = type.getSignature();
 for (auto& sigType : {sig.params, sig.results}) {
 o << U32LEB(sigType.size());
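Review bot: `EncodedType` now mixes two encodings in one enum with nothing on the entries to tell them apart: the type-form entries (`Func = 0x60` through `Rec = 0x4e`, plus `SharedDef`) are raw byte values, while `Shared = -0x1b` and `Empty = -0x40` are still SLEB128 values. A later `S32LEB(BinaryConsts::EncodedType::Func)` would compile and emit a two-byte encoding instead of `0x60`. I would add a comment above the group, e.g. `// Type definition forms: single raw bytes, read with getInt8() and written as one byte, never as LEB128.`, or move these entries into their own enum so the two kinds cannot be interchanged. The enum starts above the hunk, so its earlier entries are not visible here.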
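Review bot: The new `o << uint8_t(...)` writes only emit one byte if the output buffer has an `operator<<` overload taking `uint8_t`, and that overload is not visible in this patch. If the buffer only offers signed fixed-width overloads, integral promotion would select a wider one and emit extra bytes, so please confirm the overload (or cast to whichever single-byte type the buffer already accepts). This applies to the `Rec`, `Sub`, `SubFinal`, `SharedDef` and `Func` writes here and to the `Struct`, `Array` and `Cont` writes in the later `writeTypes()` hunks. `writeTypes()` starts and ends outside these hunks.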
@@ -304,7 +304,7 @@ void WasmBinaryWriter::writeTypes() { break; } case HeapTypeKind::Struct: { - o << S32LEB(BinaryConsts::EncodedType::Struct); + o << uint8_t(BinaryConsts::EncodedType::Struct); auto fields = type.getStruct().fields; o << U32LEB(fields.size()); for (const auto& field : fields) { @@ -313,11 +313,11 @@ void WasmBinaryWriter::writeTypes() { break; } case HeapTypeKind::Array: - o << S32LEB(BinaryConsts::EncodedType::Array); + o << uint8_t(BinaryConsts::EncodedType::Array); writeField(type.getArray().element); break; case HeapTypeKind::Cont: - o << S32LEB(BinaryConsts::EncodedType::Cont); + o << uint8_t(BinaryConsts::EncodedType::Cont); writeHeapType(type.getContinuation().type); break; case HeapTypeKind::Basic: @@ -2405,7 +2405,7 @@ void WasmBinaryReader::readTypes() { for (size_t i = 0; i < builder.size(); i++) { BYN_TRACE("read one\n"); - auto form = getS32LEB(); + auto form = getInt8(); if (form == BinaryConsts::EncodedType::Rec) { uint32_t groupSize = getU32LEB(); if (groupSize == 0u) { @@ -2416,7 +2416,7 @@ void WasmBinaryReader::readTypes() { // allocate space for the extra types. builder.grow(groupSize - 1); builder.createRecGroup(i, groupSize); - form = getS32LEB(); + form = getInt8(); } std::optional superIndex; if (form == BinaryConsts::EncodedType::Sub || @@ -2432,11 +2432,11 @@ void WasmBinaryReader::readTypes() { } superIndex = getU32LEB(); } - form = getS32LEB(); + form = getInt8(); } - if (form == BinaryConsts::Shared) { + if (form == BinaryConsts::SharedDef) { builder[i].setShared(); - form = getS32LEB(); + form = getInt8(); } if (form == BinaryConsts::EncodedType::Func) { builder[i] = readSignatureDef(); @@ -4741,7 +4741,7 @@ Index WasmBinaryReader::readMemoryAccess(Address& alignment, Address& offset) { rawAlignment = rawAlignment & ~(1 << 6); } - if (rawAlignment > 8) { + if (rawAlignment >= 8) { throwError("Alignment must be of a reasonable size"); } 
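Review bot: Nothing at the new `getInt8()` reads in `readTypes()` records why the type form is read as a raw byte, so a later cleanup could switch it back to `getS32LEB()` and again accept the multi-byte encodings the commit message says were improperly accepted. I would add a comment at the first read in the `@@ -2405` hunk, e.g. `// Type forms are single bytes, not LEB128; multi-byte encodings must be rejected.` Separately, the `@@ -2432` hunk compares against `BinaryConsts::SharedDef` while the other comparisons in these hunks are spelled `BinaryConsts::EncodedType::...`; one spelling keeps the checks greppable. `readTypes()` starts and ends outside these hunks.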
diff --git a/test/spec/binary-leb128.wast b/test/spec/binary-leb128.wast
deleted file mode 100644
index 9afcb540ced..00000000000
--- a/test/spec/binary-leb128.wast
+++ /dev/null
@@ -1,963 +0,0 @@ -;; Unsigned LEB128 can have non-minimal length -(module binary - "\00asm" "\01\00\00\00" - "\05\04\01" ;; Memory section with 1 entry - "\00\82\00" ;; no max, minimum 2 -) -(module binary - "\00asm" "\01\00\00\00" - "\05\07\01" ;; Memory section with 1 entry - "\00\82\80\80\80\00" ;; no max, minimum 2 -) -(module binary - "\00asm" "\01\00\00\00" - "\05\06\01" ;; Memory section with 1 entry - "\01\82\00" ;; minimum 2 - "\82\00" ;; max 2 -) -(module binary - "\00asm" "\01\00\00\00" - "\05\09\01" ;; Memory section with 1 entry - "\01\82\00" ;; minimum 2 - "\82\80\80\80\00" ;; max 2 -) -(module binary - "\00asm" "\01\00\00\00" - "\05\03\01" ;; Memory section with 1 entry - "\00\00" ;; no max, minimum 0 - "\0b\07\01" ;; Data section with 1 entry - "\80\00" ;; Memory index 0, encoded with 2 bytes - "\41\00\0b\00" ;; (i32.const 0) with contents "" -) -(module binary - "\00asm" "\01\00\00\00" - "\04\04\01" ;; Table section with 1 entry - "\70\00\00" ;; no max, minimum 0, funcref - "\09\07\01" ;; Element section with 1 entry - "\80\00" ;; Table index 0, encoded with 2 bytes - "\41\00\0b\00" ;; (i32.const 0) with no elements -) -(module binary - "\00asm" "\01\00\00\00" - "\00" ;; custom section - "\8a\00" ;; section size 10, encoded with 2 bytes - "\01" ;; name byte count - "1" ;; name - "23456789" ;; sequence of bytes -) -(module binary - "\00asm" "\01\00\00\00" - "\00" ;; custom section - "\0b" ;; section size - "\88\00" ;; name byte count 8, encoded with 2 bytes - "12345678" ;; name - "9" ;; sequence of bytes -) -(module binary - "\00asm" "\01\00\00\00" - "\01\08\01" ;; type section - "\60" ;; func type - "\82\00" ;; num params 2, encoded with 2 bytes - "\7f\7e" ;; param type - "\01" ;; num results - "\7f" ;; result type -) -(module binary - "\00asm" "\01\00\00\00" - "\01\08\01" ;; type section - "\60" ;; func type - "\02" ;; num params - "\7f\7e" ;; param type - "\81\00" ;; num results 1, encoded with 2 bytes - "\7f" ;; result type -) -(module binary - 
"\00asm" "\01\00\00\00" - "\01\05\01" ;; type section - "\60\01\7f\00" ;; function type - "\02\17\01" ;; import section - "\88\00" ;; module name length 8, encoded with 2 bytes - "\73\70\65\63\74\65\73\74" ;; module name - "\09" ;; entity name length - "\70\72\69\6e\74\5f\69\33\32" ;; entity name - "\00" ;; import kind - "\00" ;; import signature index -) -(module binary - "\00asm" "\01\00\00\00" - "\01\05\01" ;; type section - "\60\01\7f\00" ;; function type - "\02\17\01" ;; import section - "\08" ;; module name length - "\73\70\65\63\74\65\73\74" ;; module name - "\89\00" ;; entity name length 9, encoded with 2 bytes - "\70\72\69\6e\74\5f\69\33\32" ;; entity name - "\00" ;; import kind - "\00" ;; import signature index -) -(module binary - "\00asm" "\01\00\00\00" - "\01\05\01" ;; type section - "\60\01\7f\00" ;; function type - "\02\17\01" ;; import section - "\08" ;; module name length - "\73\70\65\63\74\65\73\74" ;; module name - "\09" ;; entity name length 9 - "\70\72\69\6e\74\5f\69\33\32" ;; entity name - "\00" ;; import kind - "\80\00" ;; import signature index, encoded with 2 bytes -) -(module binary - "\00asm" "\01\00\00\00" - "\01\04\01" ;; type section - "\60\00\00" ;; function type - "\03\03\01" ;; function section - "\80\00" ;; function 0 signature index, encoded with 2 bytes - "\0a\04\01" ;; code section - "\02\00\0b" ;; function body -) -(module binary - "\00asm" "\01\00\00\00" - "\01\04\01" ;; type section - "\60\00\00" ;; fun type - "\03\02\01\00" ;; function section - "\07\07\01" ;; export section - "\82\00" ;; string length 2, encoded with 2 bytes - "\66\31" ;; export name f1 - "\00" ;; export kind - "\00" ;; export func index - "\0a\04\01" ;; code section - "\02\00\0b" ;; function body -) -(module binary - "\00asm" "\01\00\00\00" - "\01\04\01" ;; type section - "\60\00\00" ;; fun type - "\03\02\01\00" ;; function section - "\07\07\01" ;; export section - "\02" ;; string length 2 - "\66\31" ;; export name f1 - "\00" ;; export kind - "\80\00" ;; 
export func index, encoded with 2 bytes - "\0a\04\01" ;; code section - "\02\00\0b" ;; function body -) -(module binary - "\00asm" "\01\00\00\00" - "\01\04\01" ;; type section - "\60\00\00" ;; fun type - "\03\02\01\00" ;; function section - "\0a" ;; code section - "\05" ;; section size - "\81\00" ;; num functions, encoded with 2 bytes - "\02\00\0b" ;; function body -) - -;; Signed LEB128 can have non-minimal length -(module binary - "\00asm" "\01\00\00\00" - "\06\07\01" ;; Global section with 1 entry - "\7f\00" ;; i32, immutable - "\41\80\00" ;; i32.const 0 - "\0b" ;; end -) -(module binary - "\00asm" "\01\00\00\00" - "\06\07\01" ;; Global section with 1 entry - "\7f\00" ;; i32, immutable - "\41\ff\7f" ;; i32.const -1 - "\0b" ;; end -) -(module binary - "\00asm" "\01\00\00\00" - "\06\0a\01" ;; Global section with 1 entry - "\7f\00" ;; i32, immutable - "\41\80\80\80\80\00" ;; i32.const 0 - "\0b" ;; end -) -(module binary - "\00asm" "\01\00\00\00" - "\06\0a\01" ;; Global section with 1 entry - "\7f\00" ;; i32, immutable - "\41\ff\ff\ff\ff\7f" ;; i32.const -1 - "\0b" ;; end -) - -(module binary - "\00asm" "\01\00\00\00" - "\06\07\01" ;; Global section with 1 entry - "\7e\00" ;; i64, immutable - "\42\80\00" ;; i64.const 0 with unused bits set - "\0b" ;; end -) -(module binary - "\00asm" "\01\00\00\00" - "\06\07\01" ;; Global section with 1 entry - "\7e\00" ;; i64, immutable - "\42\ff\7f" ;; i64.const -1 with unused bits unset - "\0b" ;; end -) -(module binary - "\00asm" "\01\00\00\00" - "\06\0f\01" ;; Global section with 1 entry - "\7e\00" ;; i64, immutable - "\42\80\80\80\80\80\80\80\80\80\00" ;; i64.const 0 with unused bits set - "\0b" ;; end -) -(module binary - "\00asm" "\01\00\00\00" - "\06\0f\01" ;; Global section with 1 entry - "\7e\00" ;; i64, immutable - "\42\ff\ff\ff\ff\ff\ff\ff\ff\ff\7f" ;; i64.const -1 with unused bits unset - "\0b" ;; end -) - -;; Unsigned LEB128 must not be overlong -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - 
"\05\08\01" ;; Memory section with 1 entry - "\00\82\80\80\80\80\00" ;; no max, minimum 2 with one byte too many - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\05\0a\01" ;; Memory section with 1 entry - "\01\82\00" ;; minimum 2 - "\82\80\80\80\80\00" ;; max 2 with one byte too many - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\05\03\01" ;; Memory section with 1 entry - "\00\00" ;; no max, minimum 0 - "\0b\0b\01" ;; Data section with 1 entry - "\80\80\80\80\80\00" ;; Memory index 0 with one byte too many - "\41\00\0b\00" ;; (i32.const 0) with contents "" - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\04\04\01" ;; Table section with 1 entry - "\70\00\00" ;; no max, minimum 0, funcref - "\09\0b\01" ;; Element section with 1 entry - "\80\80\80\80\80\00" ;; Table index 0 with one byte too many - "\41\00\0b\00" ;; (i32.const 0) with no elements - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\00" ;; custom section - "\83\80\80\80\80\00" ;; section size 3 with one byte too many - "\01" ;; name byte count - "1" ;; name - "2" ;; sequence of bytes - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\00" ;; custom section - "\0A" ;; section size - "\83\80\80\80\80\00" ;; name byte count 3 with one byte too many - "123" ;; name - "4" ;; sequence of bytes - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\0c\01" ;; type section - "\60" ;; func type - "\82\80\80\80\80\00" ;; num params 2 with one byte too many - "\7f\7e" ;; param type - "\01" ;; num result - "\7f" ;; result type - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\08\01" ;; type section - "\60" ;; 
func type - "\02" ;; num params - "\7f\7e" ;; param type - "\81\80\80\80\80\00" ;; num result 1 with one byte too many - "\7f" ;; result type - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\05\01" ;; type section - "\60\01\7f\00" ;; function type - "\02\1b\01" ;; import section - "\88\80\80\80\80\00" ;; module name length 8 with one byte too many - "\73\70\65\63\74\65\73\74" ;; module name - "\09" ;; entity name length - "\70\72\69\6e\74\5f\69\33\32" ;; entity name - "\00" ;; import kind - "\00" ;; import signature index - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\05\01" ;; type section - "\60\01\7f\00" ;; function type - "\02\1b\01" ;; import section - "\08" ;; module name length - "\73\70\65\63\74\65\73\74" ;; module name - "\89\80\80\80\80\00" ;; entity name length 9 with one byte too many - "\70\72\69\6e\74\5f\69\33\32" ;; entity name - "\00" ;; import kind - "\00" ;; import signature index - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\05\01" ;; type section - "\60\01\7f\00" ;; function type - "\02\1b\01" ;; import section - "\08" ;; module name length - "\73\70\65\63\74\65\73\74" ;; module name - "\09" ;; entity name length 9 - "\70\72\69\6e\74\5f\69\33\32" ;; entity name - "\00" ;; import kind - "\80\80\80\80\80\00" ;; import signature index 0 with one byte too many - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01" ;; type section - "\60\00\00" ;; function type - "\03\03\01" ;; function section - "\80\80\80\80\80\00" ;; function 0 signature index with one byte too many - "\0a\04\01" ;; code section - "\02\00\0b" ;; function body - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01" ;; type section - "\60\00\00" ;; fun type - 
"\03\02\01\00" ;; function section - "\07\0b\01" ;; export section - "\82\80\80\80\80\00" ;; string length 2 with one byte too many - "\66\31" ;; export name f1 - "\00" ;; export kind - "\00" ;; export func index - "\0a\04\01" ;; code section - "\02\00\0b" ;; function body - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01" ;; type section - "\60\00\00" ;; fun type - "\03\02\01\00" ;; function section - "\07\0b\01" ;; export section - "\02" ;; string length 2 - "\66\31" ;; export name f1 - "\00" ;; export kind - "\80\80\80\80\80\00" ;; export func index 0 with one byte too many - "\0a\04\01" ;; code section - "\02\00\0b" ;; function body - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01" ;; type section - "\60\00\00" ;; fun type - "\03\02\01\00" ;; function section - "\0a" ;; code section - "\05" ;; section size - "\81\80\80\80\80\00" ;; num functions 1 with one byte too many - "\02\00\0b" ;; function body - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01\60\00\00" ;; Type section - "\03\02\01\00" ;; Function section - "\05\03\01\00\01" ;; Memory section - "\0a\11\01" ;; Code section - ;; function 0 - "\0f\01\01" ;; local type count - "\7f" ;; i32 - "\41\00" ;; i32.const 0 - "\28" ;; i32.load - "\02" ;; alignment 2 - "\82\80\80\80\80\00" ;; offset 2 with one byte too many - "\1a" ;; drop - "\0b" ;; end - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01\60\00\00" ;; Type section - "\03\02\01\00" ;; Function section - "\05\03\01\00\01" ;; Memory section - "\0a\11\01" ;; Code section - ;; function 0 - "\0f\01\01" ;; local type count - "\7f" ;; i32 - "\41\00" ;; i32.const 0 - "\28" ;; i32.load - "\82\80\80\80\80\00" ;; alignment 2 with one byte too many - "\00" ;; offset 0 - "\1a" ;; drop - "\0b" ;; end 
- ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01\60\00\00" ;; Type section - "\03\02\01\00" ;; Function section - "\05\03\01\00\01" ;; Memory section - "\0a\12\01" ;; Code section - ;; function 0 - "\10\01\01" ;; local type count - "\7f" ;; i32 - "\41\00" ;; i32.const 0 - "\41\03" ;; i32.const 3 - "\36" ;; i32.store - "\82\80\80\80\80\00" ;; alignment 2 with one byte too many - "\03" ;; offset 3 - "\0b" ;; end - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01\60\00\00" ;; Type section - "\03\02\01\00" ;; Function section - "\05\03\01\00\01" ;; Memory section - "\0a\12\01" ;; Code section - ;; function 0 - "\10\01\01" ;; local type count - "\7f" ;; i32 - "\41\00" ;; i32.const 0 - "\41\03" ;; i32.const 3 - "\36" ;; i32.store - "\02" ;; alignment 2 - "\82\80\80\80\80\00" ;; offset 2 with one byte too many - "\0b" ;; end - ) - "integer representation too long" -) - -;; Signed LEB128 must not be overlong -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\06\0b\01" ;; Global section with 1 entry - "\7f\00" ;; i32, immutable - "\41\80\80\80\80\80\00" ;; i32.const 0 with one byte too many - "\0b" ;; end - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\06\0b\01" ;; Global section with 1 entry - "\7f\00" ;; i32, immutable - "\41\ff\ff\ff\ff\ff\7f" ;; i32.const -1 with one byte too many - "\0b" ;; end - ) - "integer representation too long" -) - -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\06\10\01" ;; Global section with 1 entry - "\7e\00" ;; i64, immutable - "\42\80\80\80\80\80\80\80\80\80\80\00" ;; i64.const 0 with one byte too many - "\0b" ;; end - ) - "integer representation too long" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\06\10\01" ;; Global section with 1 entry - "\7e\00" ;; i64, immutable - 
"\42\ff\ff\ff\ff\ff\ff\ff\ff\ff\ff\7f" ;; i64.const -1 with one byte too many - "\0b" ;; end - ) - "integer representation too long" -) - -;; Unsigned LEB128s zero-extend -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\05\07\01" ;; Memory section with 1 entry - "\00\82\80\80\80\70" ;; no max, minimum 2 with unused bits set - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\05\07\01" ;; Memory section with 1 entry - "\00\82\80\80\80\40" ;; no max, minimum 2 with some unused bits set - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\05\09\01" ;; Memory section with 1 entry - "\01\82\00" ;; minimum 2 - "\82\80\80\80\10" ;; max 2 with unused bits set - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\05\09\01" ;; Memory section with 1 entry - "\01\82\00" ;; minimum 2 - "\82\80\80\80\40" ;; max 2 with some unused bits set - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\05\03\01" ;; Memory section with 1 entry - "\00\00" ;; no max, minimum 0 - "\0b\0a\01" ;; Data section with 1 entry - "\80\80\80\80\10" ;; Memory index 0 with unused bits set - "\41\00\0b\00" ;; (i32.const 0) with contents "" - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\04\04\01" ;; Table section with 1 entry - "\70\00\00" ;; no max, minimum 0, funcref - "\09\0a\01" ;; Element section with 1 entry - "\80\80\80\80\10" ;; Table index 0 with unused bits set - "\41\00\0b\00" ;; (i32.const 0) with no elements - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\00" ;; custom section - "\83\80\80\80\10" ;; section size 3 with unused bits set - "\01" ;; name byte count - "1" ;; name - "2" ;; sequence of bytes - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\00" ;; custom section - 
"\09" ;; section size - "\83\80\80\80\40" ;; name byte count 3 with unused bits set - "123" ;; name - "4" ;; sequence of bytes - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\0b\01" ;; type section - "\60" ;; func type - "\82\80\80\80\10" ;; num params 2 with unused bits set - "\7f\7e" ;; param type - "\01" ;; num result - "\7f" ;; result type - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\0b\01" ;; type section - "\60" ;; func type - "\02" ;; num params - "\7f\7e" ;; param type - "\81\80\80\80\40" ;; num result 1 with unused bits set - "\7f" ;; result type - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\05\01" ;; type section - "\60\01\7f\00" ;; function type - "\02\1a\01" ;; import section - "\88\80\80\80\10" ;; module name length 8 with unused bits set - "\73\70\65\63\74\65\73\74" ;; module name - "\09" ;; entity name length - "\70\72\69\6e\74\5f\69\33\32" ;; entity name - "\00" ;; import kind - "\00" ;; import signature index - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\05\01" ;; type section - "\60\01\7f\00" ;; function type - "\02\1a\01" ;; import section - "\08" ;; module name length - "\73\70\65\63\74\65\73\74" ;; module name - "\89\80\80\80\40" ;; entity name length 9 with unused bits set - "\70\72\69\6e\74\5f\69\33\32" ;; entity name - "\00" ;; import kind - "\00" ;; import signature index - ) - "integer too large" -) -(assert_malformed -(module binary - "\00asm" "\01\00\00\00" - "\01\05\01" ;; type section - "\60\01\7f\00" ;; function type - "\02\1a\01" ;; import section - "\08" ;; module name length - "\73\70\65\63\74\65\73\74" ;; module name - "\09" ;; entity name length 9 - "\70\72\69\6e\74\5f\69\33\32" ;; entity name - "\00" ;; import kind - "\80\80\80\80\10" ;; import signature index 0 with unused bits set -) - "integer too large" -) 
-(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01" ;; type section - "\60\00\00" ;; function type - "\03\06\01" ;; function section - "\80\80\80\80\10" ;; function 0 signature index with unused bits set - "\0a\04\01" ;; code section - "\02\00\0b" ;; function body - ) - "integer too large" -) - -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01" ;; type section - "\60\00\00" ;; fun type - "\03\02\01\00" ;; function section - "\07\0a\01" ;; export section - "\82\80\80\80\10" ;; string length 2 with unused bits set - "\66\31" ;; export name f1 - "\00" ;; export kind - "\00" ;; export func index - "\0a\04\01" ;; code section - "\02\00\0b" ;; function body - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01" ;; type section - "\60\00\00" ;; fun type - "\03\02\01\00" ;; function section - "\07\0a\01" ;; export section - "\02" ;; string length 2 - "\66\31" ;; export name f1 - "\00" ;; export kind - "\80\80\80\80\10" ;; export func index with unused bits set - "\0a\04\01" ;; code section - "\02\00\0b" ;; function body - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01" ;; type section - "\60\00\00" ;; fun type - "\03\02\01\00" ;; function section - "\0a" ;; code section - "\08" ;; section size - "\81\80\80\80\10" ;; num functions 1 with unused bits set - "\02\00\0b" ;; function body - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01\60\00\00" ;; Type section - "\03\02\01\00" ;; Function section - "\05\03\01\00\01" ;; Memory section - "\0a\10\01" ;; Code section - ;; function 0 - "\0e\01\01" ;; local type count - "\7f" ;; i32 - "\41\00" ;; i32.const 0 - "\28" ;; i32.load - "\02" ;; alignment 2 - "\82\80\80\80\10" ;; offset 2 with unused bits set - "\1a" ;; drop - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - 
"\01\04\01\60\00\00" ;; Type section - "\03\02\01\00" ;; Function section - "\05\03\01\00\01" ;; Memory section - "\0a\10\01" ;; Code section - ;; function 0 - "\0e\01\01" ;; local type count - "\7f" ;; i32 - "\41\00" ;; i32.const 0 - "\28" ;; i32.load - "\02" ;; alignment 2 - "\82\80\80\80\40" ;; offset 2 with some unused bits set - "\1a" ;; drop - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01\60\00\00" ;; Type section - "\03\02\01\00" ;; Function section - "\05\03\01\00\01" ;; Memory section - "\0a\10\01" ;; Code section - "\0e\01\01" ;; local type count - "\7f" ;; i32 - "\41\00" ;; i32.const 0 - "\28" ;; i32.load - "\82\80\80\80\10" ;; alignment 2 with unused bits set - "\00" ;; offset 0 - "\1a" ;; drop - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01\60\00\00" ;; Type section - "\03\02\01\00" ;; Function section - "\05\03\01\00\01" ;; Memory section - "\0a\10\01" ;; Code section - ;; function 0 - "\0e\01\01" ;; local type count - "\7f" ;; i32 - "\41\00" ;; i32.const 0 - "\28" ;; i32.load - "\82\80\80\80\40" ;; alignment 2 with some unused bits set - "\00" ;; offset 0 - "\1a" ;; drop - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01\60\00\00" ;; Type section - "\03\02\01\00" ;; Function section - "\05\03\01\00\01" ;; Memory section - "\0a\11\01" ;; Code section - ;; function 0 - "\0f\01\01" ;; local type count - "\7f" ;; i32 - "\41\00" ;; i32.const 0 - "\41\03" ;; i32.const 3 - "\36" ;; i32.store - "\82\80\80\80\10" ;; alignment 2 with unused bits set - "\03" ;; offset 3 - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01\60\00\00" ;; Type section - "\03\02\01\00" ;; Function section - "\05\03\01\00\01" ;; Memory section - "\0a\11\01" ;; Code section - ;; function 0 - "\0f\01\01" ;; local 
type count - "\7f" ;; i32 - "\41\00" ;; i32.const 0 - "\41\03" ;; i32.const 3 - "\36" ;; i32.store - "\82\80\80\80\40" ;; alignment 2 with some unused bits set - "\03" ;; offset 3 - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01\60\00\00" ;; Type section - "\03\02\01\00" ;; Function section - "\05\03\01\00\01" ;; Memory section - "\0a\11\01" ;; Code section - ;; function 0 - "\0f\01\01" ;; local type count - "\7f" ;; i32 - "\41\00" ;; i32.const 0 - "\41\03" ;; i32.const 3 - "\36" ;; i32.store - "\03" ;; alignment 2 - "\82\80\80\80\10" ;; offset 2 with unused bits set - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\01\04\01\60\00\00" ;; Type section - "\03\02\01\00" ;; Function section - "\05\03\01\00\01" ;; Memory section - "\0a\11\01" ;; Code section - - ;; function 0 - "\0f\01\01" ;; local type count - "\7f" ;; i32 - "\41\00" ;; i32.const 0 - "\41\03" ;; i32.const 3 - "\36" ;; i32.store - "\02" ;; alignment 2 - "\82\80\80\80\40" ;; offset 2 with some unused bits set - "\0b" ;; end - ) - "integer too large" -) - -;; Signed LEB128s sign-extend -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\06\0a\01" ;; Global section with 1 entry - "\7f\00" ;; i32, immutable - "\41\80\80\80\80\70" ;; i32.const 0 with unused bits set - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\06\0a\01" ;; Global section with 1 entry - "\7f\00" ;; i32, immutable - "\41\ff\ff\ff\ff\0f" ;; i32.const -1 with unused bits unset - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\06\0a\01" ;; Global section with 1 entry - "\7f\00" ;; i32, immutable - "\41\80\80\80\80\1f" ;; i32.const 0 with some unused bits set - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\06\0a\01" ;; 
Global section with 1 entry - "\7f\00" ;; i32, immutable - "\41\ff\ff\ff\ff\4f" ;; i32.const -1 with some unused bits unset - "\0b" ;; end - ) - "integer too large" -) - -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\06\0f\01" ;; Global section with 1 entry - "\7e\00" ;; i64, immutable - "\42\80\80\80\80\80\80\80\80\80\7e" ;; i64.const 0 with unused bits set - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\06\0f\01" ;; Global section with 1 entry - "\7e\00" ;; i64, immutable - "\42\ff\ff\ff\ff\ff\ff\ff\ff\ff\01" ;; i64.const -1 with unused bits unset - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\06\0f\01" ;; Global section with 1 entry - "\7e\00" ;; i64, immutable - "\42\80\80\80\80\80\80\80\80\80\02" ;; i64.const 0 with some unused bits set - "\0b" ;; end - ) - "integer too large" -) -(assert_malformed - (module binary - "\00asm" "\01\00\00\00" - "\06\0f\01" ;; Global section with 1 entry - "\7e\00" ;; i64, immutable - "\42\ff\ff\ff\ff\ff\ff\ff\ff\ff\41" ;; i64.const -1 with some unused bits unset - "\0b" ;; end - ) - "integer too large" -) From 69d4a074a42c7ba3516e08606c2d17aeca9415bc Mon Sep 17 00:00:00 2001 From: Thomas Lively Date: Tue, 20 Aug 2024 15:38:42 -0700 Subject: [PATCH 2/2] undo stray change --- src/wasm/wasm-binary.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wasm/wasm-binary.cpp b/src/wasm/wasm-binary.cpp index 47c93bead3a..865ca39cac2 100644 --- a/src/wasm/wasm-binary.cpp +++ b/src/wasm/wasm-binary.cpp @@ -4741,7 +4741,7 @@ Index WasmBinaryReader::readMemoryAccess(Address& alignment, Address& offset) { rawAlignment = rawAlignment & ~(1 << 6); } - if (rawAlignment >= 8) { + if (rawAlignment > 8) { throwError("Alignment must be of a reasonable size"); }
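Review bot: The bound in `if (rawAlignment > 8)` moved to `>=` and back within this series, and neither patch adds a comment or test that pins whether a raw alignment of exactly 8 is accepted; `align.wast` also stays in `SPEC_TESTSUITE_TESTS_TO_SKIP` in patch 1. Because this check validates a value read from the input binary, I would state the intent next to it, e.g. `// Raw alignment values 0..8 are accepted; anything larger is rejected.`, and add a boundary case to the tests. `readMemoryAccess()` starts and ends outside the hunk.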