wasm2c: avoid indexing null pointer triggering undefined behavior
Using zig cc to compile and run wasm2c on zig.wasm on Windows triggers
what appears to be a sanitizer crash. The FuncGen reuse array pointer is
initialized to null and at some point it's resized to a length of zero,
which triggers this code to execute:
memcpy(&self->reuse[self->reuse_i], &self->reuse[reuse_top], sizeof(uint32_t) * reuse_n);
Given the current values, this equates to:
memcpy(&(NULL)[0], &(NULL)[0], 0);
Taking the address of the first element of a null pointer doesn't trigger
any actual runtime problem, since the pointer won't be dereferenced because
we're passing 0 as the length to memcpy; however, it seems that the C spec
considers indexing a null pointer to be undefined behavior even if you
don't use the resulting value (or are just taking the address of an
indexed pointer).
This commit is contained in:
parent
455899668b
commit
1165e13c25
@ -179,8 +179,10 @@ static void FuncGen_blockBegin(struct FuncGen *self, FILE *out, enum WasmOpcode
|
|||||||
self->reuse = realloc(self->reuse, sizeof(uint32_t) * self->reuse_len);
|
self->reuse = realloc(self->reuse, sizeof(uint32_t) * self->reuse_len);
|
||||||
if (self->reuse == NULL) panic("out of memory");
|
if (self->reuse == NULL) panic("out of memory");
|
||||||
}
|
}
|
||||||
memcpy(&self->reuse[self->reuse_i], &self->reuse[reuse_top], sizeof(uint32_t) * reuse_n);
|
if (reuse_n != 0) {
|
||||||
self->reuse_i += reuse_n;
|
memcpy(&self->reuse[self->reuse_i], &self->reuse[reuse_top], sizeof(uint32_t) * reuse_n);
|
||||||
|
self->reuse_i += reuse_n;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static enum WasmOpcode FuncGen_blockKind(const struct FuncGen *self, uint32_t label_idx) {
|
static enum WasmOpcode FuncGen_blockKind(const struct FuncGen *self, uint32_t label_idx) {
|
||||||
|
|||||||
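Review bot: The guard added around the memcpy leaves the realloc two lines above it unguarded for the same zero-length case the description identifies: when `self->reuse_len` is 0, `realloc(self->reuse, sizeof(uint32_t) * 0)` is called with a size of 0, which is implementation-defined in C17 (7.22.3) and undefined in C23. On glibc, realloc of a non-null pointer to size 0 frees the block and returns NULL, so the next line would report a spurious "out of memory" panic rather than a genuine allocation failure; whether that path is reachable depends on the growth condition, which is outside the hunk. A minimal fix is to never request zero bytes, e.g. `size_t bytes = sizeof(uint32_t) * (self->reuse_len ? self->reuse_len : 1);` followed by `self->reuse = realloc(self->reuse, bytes);`, or to skip the realloc entirely when the new length is zero. Separately, a one-line comment on the new `if (reuse_n != 0)` such as `/* reuse may be NULL with a zero length; &NULL[i] is UB even if memcpy gets n == 0 */` would keep the reason from being lost. The enclosing function FuncGen_blockBegin begins before this hunk.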