fergalmoran/ladybird
1
0
Fork 0
mirror of https://github.com/fergalmoran/ladybird.git synced 2026-01-06 08:36:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

LibWasm: Check data section offset for overflow during instantiation

Browse Source
This commit is contained in:
Diego
2024-06-07 08:05:32 -07:00
committed by Ali Mohammad Pur
parent 28d4e326f8
commit bd6ee060d2
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
Userland/Libraries/LibWasm/AbstractMachine/AbstractMachine.cpp
View File

@@ -345,7 +345,9 @@ InstantiationResult AbstractMachine::instantiate(Module const& module, Vector<Ex
return;
auto address = main_module_instance.memories()[data.index.value()];
auto instance = m_store.get(address);
if (data.init.size() + offset > instance->size()) {
Checked<size_t> checked_offset = data.init.size();
checked_offset += offset;
if (checked_offset.has_overflow() || checked_offset > instance->size()) {
instantiation_result = InstantiationError {
ByteString::formatted("Data segment attempted to write to out-of-bounds memory ({}) in memory of size {}",
offset, instance->size())