feat: Improve wasm string null-termintor checks

master
Sean McBride 5 years ago
parent c9b9a6553e
commit 346c391ece

@ -24,10 +24,10 @@ void stub_init(i32 offset);
void * worker_thread__main(void *return_code);
/**
* TODO: ???
* @param offset TODO: ????
* @param bounds_check TODO: ???
* @return TODO: ???
* Translates WASM offsets into runtime VM pointers
* @param offset an offset into the WebAssembly linear memory
* @param bounds_check the size of the thing we are pointing to
* @return void pointer to something in WebAssembly linear memory
**/
static inline void *
get_memory_ptr_void(u32 offset, u32 bounds_check)
@ -36,24 +36,30 @@ get_memory_ptr_void(u32 offset, u32 bounds_check)
}
/**
* TODO: ???
* @param offset TODO: ????
* @return TODO: ???
* Get a single-byte extended ASCII character from WebAssembly linear memory
* @param offset an offset into the WebAssembly linear memory
* @return char at the offset
**/
static inline char *
get_memory_string(u32 offset)
static inline char
get_memory_character(u32 offset)
{
char *naive_ptr = get_memory_ptr_for_runtime(offset, 1);
int i = 0;
while (true) {
// Keep bounds checking the waters over and over until we know it's safe (we find a terminating
// character)
char ith_element = get_memory_ptr_for_runtime(offset, i + 1)[i];
char result = get_memory_ptr_for_runtime(offset, 1)[0];
return result;
}
if (ith_element == '\0') return naive_ptr;
i++;
/**
* Get a null-terminated String from WebAssembly linear memory
* @param offset an offset into the WebAssembly linear memory
* @param max_length the maximum expected length in characters
* @return pointer to the string or NULL if max_length is reached without finding null-terminator
**/
static inline char *
get_memory_string(u32 offset, u32 max_length)
{
for (int i = 0; i < max_length; i++) {
if (get_memory_character(offset + i) == '\0') return get_memory_ptr_void(offset, 1);
}
return NULL;
}
/**

@ -183,7 +183,7 @@ i32
wasm_open(i32 path_off, i32 flags, i32 mode)
{
uv_fs_t req = UV_FS_REQ_INIT();
char * path = get_memory_string(path_off);
char * path = get_memory_string(path_off, 4096);
int iofd = current_sandbox__initialize_io_handle();
if (iofd < 0) return -1;
@ -296,7 +296,7 @@ struct wasm_stat {
i32
wasm_stat(u32 path_str_offset, i32 stat_offset)
{
char * path = get_memory_string(path_str_offset);
char * path = get_memory_string(path_str_offset, 4096);
struct wasm_stat *stat_ptr = get_memory_ptr_void(stat_offset, sizeof(struct wasm_stat));
struct stat stat;
@ -388,7 +388,7 @@ wasm_fstat(i32 filedes, i32 stat_offset)
i32
wasm_lstat(i32 path_str_offset, i32 stat_offset)
{
char * path = get_memory_string(path_str_offset);
char * path = get_memory_string(path_str_offset, 4096);
struct wasm_stat *stat_ptr = get_memory_ptr_void(stat_offset, sizeof(struct wasm_stat));
struct stat stat;
@ -664,7 +664,7 @@ wasm_getcwd(u32 buf_offset, u32 buf_size)
u32
wasm_unlink(u32 path_str_offset)
{
char * str = get_memory_string(path_str_offset);
char * str = get_memory_string(path_str_offset, 4096);
uv_fs_t req = UV_FS_REQ_INIT();
debuglog("[%p] start[%s]\n", uv_fs_get_data(&req), str);
uv_fs_unlink(get_thread_libuv_handle(), &req, str, wasm_fs_callback);

Loading…
Cancel
Save