
Commit a769a3d

committed
fix frame_offset overflow issue
1 parent 7cac053 commit a769a3d


2 files changed

+16
-4
lines changed


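--- a/core/iwasm/interpreter/wasm_loader.c
+++ b/core/iwasm/interpreter/wasm_loader.c
@@ -10796,8 +10796,14 @@ wasm_loader_prepare_bytecode(WASMModule *module, WASMFunction *func,
 * Since the stack is already in polymorphic state,
 * the opcode will not be executed, so the dummy
 * offset won't cause any error */
-*loader_ctx->frame_offset++ = 0;
-if (cell_num > 1) {
+uint32_t n;
+
+for (n = 0; n < cell_num; n++) {
+if (loader_ctx->p_code_compiled == NULL) {
+if (!check_offset_push(loader_ctx, error_buf,
+error_buf_size))
+goto fail;
+}
 *loader_ctx->frame_offset++ = 0;
 }
 }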
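Review bot: The dummy-offset store `*loader_ctx->frame_offset++ = 0;` inside the new loop is bounds-checked only when `loader_ctx->p_code_compiled == NULL`, so on the other pass the write is unguarded and presumably relies on the frame_offset buffer having already been grown by the earlier pass; that invariant is not stated anywhere in the hunk. I would add a comment above the inner `if`, e.g. `/* Only the first pass (p_code_compiled == NULL) can grow the frame_offset buffer; the second pass reuses the size established here */`, after confirming this against check_offset_push, which is outside the hunk. The same applies to the identical hunk in core/iwasm/interpreter/wasm_mini_loader.c. wasm_loader_prepare_bytecode starts and ends outside the hunk, so the type of `cell_num` and the `fail` label are not visible here.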

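--- a/core/iwasm/interpreter/wasm_mini_loader.c
+++ b/core/iwasm/interpreter/wasm_mini_loader.c
@@ -5931,8 +5931,14 @@ wasm_loader_prepare_bytecode(WASMModule *module, WASMFunction *func,
 * Since the stack is already in polymorphic state,
 * the opcode will not be executed, so the dummy
 * offset won't cause any error */
-*loader_ctx->frame_offset++ = 0;
-if (cell_num > 1) {
+uint32_t n;
+
+for (n = 0; n < cell_num; n++) {
+if (loader_ctx->p_code_compiled == NULL) {
+if (!check_offset_push(loader_ctx, error_buf,
+error_buf_size))
+goto fail;
+}
 *loader_ctx->frame_offset++ = 0;
 }
 }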
