Fix a panic with an invalid name section (#3509)
This commit fixes a panic which can happen on a module with an invalid name section where one of the functions named has the index `u32::MAX`. Previously Wasmtime would create a new `FuncIndex` with the indices found in the name section but the sentinel `u32::MAX` causes a panic. Cranelift otherwise limits the number of functions through `wasmparser` which has a hard limit (lower than `u32::MAX`) so this commit applies a fix of only recording function names for function indices that are actually present in the module.
This commit is contained in:
Alex Crichton
@@ -1277,6 +1277,11 @@ and for re-adding support for interface types you can see this issue:
|
||||
let mut names = f.get_map()?;
|
||||
for _ in 0..names.get_count() {
|
||||
let Naming { index, name } = names.read()?;
|
||||
// Skip this naming if it's naming a function that
|
||||
// doesn't actually exist.
|
||||
if (index as usize) >= self.result.module.functions.len() {
|
||||
continue;
|
||||
}
|
||||
let index = FuncIndex::from_u32(index);
|
||||
self.result
|
||||
.module
|
||||
@@ -1305,6 +1310,11 @@ and for re-adding support for interface types you can see this issue:
|
||||
let mut reader = l.get_indirect_map()?;
|
||||
for _ in 0..reader.get_indirect_count() {
|
||||
let f = reader.read()?;
|
||||
// Skip this naming if it's naming a function that
|
||||
// doesn't actually exist.
|
||||
if (f.indirect_index as usize) >= self.result.module.functions.len() {
|
||||
continue;
|
||||
}
|
||||
let mut map = f.get_map()?;
|
||||
for _ in 0..map.get_count() {
|
||||
let Naming { index, name } = map.read()?;
|
||||
|
||||
Reference in New Issue
Block a user