From 1fb71fa1ea9e5fd96e9698a4d4af4f1c26526865 Mon Sep 17 00:00:00 2001
From: Alex Crichton <alex@alexcrichton.com>
Date: Wed, 2 Mar 2022 14:04:59 -0600
Subject: [PATCH] Remove some asserts in `MemoryImage::new` (#3874)

This commit removes some `.unwrap()` annotations around casts between
integers to either be infallible or handle errors. This fixes a panic in
a fuzz test case that popped out for memory64-using modules. The actual
issue here is pretty benign, we were just too eager about assuming
things fit into 32-bit.
---
 crates/runtime/src/cow.rs | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/crates/runtime/src/cow.rs b/crates/runtime/src/cow.rs
index 7cd2987d1a..8a6ce36502 100644
--- a/crates/runtime/src/cow.rs
+++ b/crates/runtime/src/cow.rs
@@ -90,10 +90,12 @@ impl MemoryImage {
     ) -> Result<Option<MemoryImage>> {
         // Sanity-check that various parameters are page-aligned.
         let len = data.len();
-        let offset = u32::try_from(offset).unwrap();
-        assert_eq!(offset % page_size, 0);
+        assert_eq!(offset % u64::from(page_size), 0);
         assert_eq!((len as u32) % page_size, 0);
-        let linear_memory_offset = usize::try_from(offset).unwrap();
+        let linear_memory_offset = match usize::try_from(offset) {
+            Ok(offset) => offset,
+            Err(_) => return Ok(None),
+        };
 
         // If a backing `mmap` is present then `data` should be a sub-slice of
         // the `mmap`. The sanity-checks here double-check that. Additionally