[webkit-changes] [WebKit/WebKit] 5c94b6: Missing Trailing Code Validation in end Instruction

Yijia Huang Thu, 16 Jan 2025 01:34:01 -0800

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 5c94b688c7a1fd50b27a4a6e9edce80eef46cffa
      
https://github.com/WebKit/WebKit/commit/5c94b688c7a1fd50b27a4a6e9edce80eef46cffa
  Author: Yijia Huang <yijia_hu...@apple.com>
  Date:   2025-01-16 (Thu, 16 Jan 2025)


  Changed paths:
    A JSTests/wasm/stress/unexpected-function-body-size.js
    M Source/JavaScriptCore/wasm/WasmBBQJIT.h
    M Source/JavaScriptCore/wasm/WasmConstExprGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmFunctionParser.h
    M Source/JavaScriptCore/wasm/WasmIPIntGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmOMGIRGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmOMGIRGenerator32_64.cpp

  Log Message:
  -----------
  Missing Trailing Code Validation in end Instruction
https://bugs.webkit.org/show_bug.cgi?id=285496
rdar://142866140

Reviewed by Yusuke Suzuki.

WASM parser should throw an error when parsing a function with a expected body 
size[1].

[1] https://webassembly.github.io/spec/core/binary/modules.html#code-section

* JSTests/wasm/stress/unexpected-function-body-size.js: Added.
* Source/JavaScriptCore/wasm/WasmFunctionParser.h:
(JSC::Wasm::FunctionParser<Context>::parseBody):

Canonical link: https://commits.webkit.org/288996@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] 5c94b6: Missing Trailing Code Validation in end Instruction

Reply via email to