
Robin Linden parent 06ac1fc0 39057abc
wasm: Set a maximum size for sequences

The limit was chosen arbitrarily and will definitely be adjusted once we start testing this against real-world data, but for now, we just need a limit so we can hook up fuzz testing for wasm parsing.

wasm/byte_code_parser.cpp added: 18, removed: 4, total 14
@@ -12,6 +12,7 @@
#include <tl/expected.hpp>
 
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <istream>
@@ -26,6 +27,9 @@ using namespace std::literals;
namespace wasm {
namespace {
 
// Number 100% made up. We'll definitely have to adjust this.
constexpr std::size_t kMaxSequenceSize = UINT16_MAX;
 
constexpr int kMagicSize = 4;
constexpr int kVersionSize = 4;
 
@@ -45,7 +49,7 @@ std::optional<T> parse(std::istream &&is) {
template<>
std::optional<std::string> parse(std::istream &is) {
auto length = Leb128<std::uint32_t>::decode_from(is);
if (!length) {
if (!length || *length > kMaxSequenceSize) {
return std::nullopt;
}
 
@@ -311,7 +315,7 @@ std::optional<Import> parse(std::istream &is) {
template<typename T>
std::optional<std::vector<T>> parse_vector(std::istream &is) {
auto item_count = Leb128<std::uint32_t>::decode_from(is);
if (!item_count) {
if (!item_count || *item_count > kMaxSequenceSize) {
return std::nullopt;
}
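Review bot: The comment on `kMaxSequenceSize` does not say what unit the limit is in, and the two checks use it differently: in the `std::string` specialisation of `parse` it bounds a byte length, while in `parse_vector` it bounds an element count, so the memory a maximal vector can claim depends on `sizeof(T)` and on any sequences nested inside each element. I would state that at the constant, e.g. `// Max declared length of one sequence: bytes for names, elements for vectors. Applied per sequence, not per module.` Both function bodies continue outside the hunks shown, so it is not visible whether storage is reserved from the declared count before the items are read; if it is, this cap is the only bound on that allocation once the fuzzer is attached. The over-limit case also returns the same `std::nullopt` as a failed LEB128 decode, so callers and fuzz triage cannot tell "limit exceeded" from "truncated input".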
 
 
wasm/byte_code_parser_test.cpp added: 18, removed: 4, total 14
@@ -96,6 +96,16 @@ void export_section_tests() {
expect_eq(module.export_section, wasm::ExportSection{});
});
 
etest::test("export section, too (624485) many exports", [] {
auto module = ByteCodeParser::parse_module(make_module_bytes(SectionId::Export, {0xe5, 0x8e, 0x26}));
expect_eq(module, tl::unexpected{wasm::ModuleParseError::InvalidExportSection});
});
 
etest::test("export section, name too (624485 byte) long", [] {
auto module = ByteCodeParser::parse_module(make_module_bytes(SectionId::Export, {1, 0xe5, 0x8e, 0x26}));
expect_eq(module, tl::unexpected{wasm::ModuleParseError::InvalidExportSection});
});
 
etest::test("export section, one", [] {
std::vector<std::uint8_t> content{1, 2, 'h', 'i', static_cast<std::uint8_t>(wasm::Export::Type::Function), 5};