Wasmtime GitHub notifications bot (May 04 2022 at 20:49): Wasmtime GitHub notifications bot (May 04 2022 at 20:49):cfallin edited issue #1093:
The function cranelift_simplejit::SimpleJITBuilder::symbol (as it's close related friend
symbols, and maybe other funcions) take a*const u8as parameter.
From what I can see, there is no check whatsoever on the value provided before it gets used here.
This function should probably either be marked as unsafe, or take something less permissive than a*const u8(maybe a NewType whose builder is marked unsafe?). As of now it is possible to pass it a null pointer or a dangling pointer (droppedVec, pointer to data from an old stack-frame...), and writing to any of those is definitely Undefined Behavior
Last updated: Nov 22 2024 at 17:03 UTC