Wasmtime GitHub notifications bot (Aug 20 2024 at 19:17): Wasmtime GitHub notifications bot (Aug 20 2024 at 19:17):saulecabrera opened PR #9156 from saulecabrera:fix-oob-dynamic-heaps to bytecodealliance:main:
This commit fixes and edge case for bounds checks for dynamic heaps.
https://github.com/bytecodealliance/wasmtime/pull/8157/files erroneously tied the bounds check operation (more concretely the overflow check) to the size derived from from the heap type. Even though offsets and access sizes are validated ahead-of-time and bound to the heap type, in the case of overflow checking, we must ensure that the operation size is tied to the target's pointer size to avoid clamping the access size and offset addition, which would result in missing an out-of-bounds memory access.
This commit also adds a disassembly test to avoid introducing regressions in the future.
Additionally, this commit adds more comments around why
pointer_sizeis used for certain bounds checking operations.<!--
Please make sure you include the following information:
If this work has been discussed elsewhere, please include a link to that
conversation. If it was discussed in an issue, just mention "issue #...".Explain why this change is needed. If the details are in an issue already,
this can be brief.Our development process is documented in the Wasmtime book:
https://docs.wasmtime.dev/contributing-development-process.htmlPlease ensure all communication follows the code of conduct:
https://github.com/bytecodealliance/wasmtime/blob/main/CODE_OF_CONDUCT.md
-->
Wasmtime GitHub notifications bot (Aug 20 2024 at 19:17):saulecabrera requested abrown for a review on PR #9156.
Wasmtime GitHub notifications bot (Aug 20 2024 at 19:17):saulecabrera requested wasmtime-compiler-reviewers for a review on PR #9156.
Wasmtime GitHub notifications bot (Aug 20 2024 at 19:17):saulecabrera requested alexcrichton for a review on PR #9156.
Wasmtime GitHub notifications bot (Aug 20 2024 at 19:17):saulecabrera requested wasmtime-core-reviewers for a review on PR #9156.
Wasmtime GitHub notifications bot (Aug 20 2024 at 19:19):saulecabrera updated PR #9156.
Wasmtime GitHub notifications bot (Aug 20 2024 at 19:24):alexcrichton submitted PR review.
Wasmtime GitHub notifications bot (Aug 20 2024 at 19:26):saulecabrera has enabled auto merge for PR #9156.
Wasmtime GitHub notifications bot (Aug 20 2024 at 19:44):saulecabrera merged PR #9156.
Last updated: Oct 23 2024 at 20:03 UTC