febda64f15
The signed integer overflow occurred when adding one to target_count for (i = 0; i < target_count + 1; i++) but that's the least of the worries here. target_count was long and i int, leading to the possibility of a loop that never ended. So to avoid this type of vulnerability, this patch uses what I believe to be the proper types for arguments of various wasm32 opcodes, rather than using "long" which may change in size. gas/ * testsuite/gas/wasm32/allinsn.d: Update expected output. opcodes/ * wasm32-dis.c (print_insn_wasm32): Localise variables. Store result of wasm_read_leb128 in a uint64_t and check that bits are not lost when copying to other locals. Use uint32_t for most locals. Use PRId64 when printing int64_t. |
||
---|---|---|
.. | ||
allinsn.d | ||
allinsn.s | ||
disass-2.d | ||
disass-2.s | ||
disass.d | ||
disass.s | ||
illegal-2.l | ||
illegal-2.s | ||
illegal-3.l | ||
illegal-3.s | ||
illegal-4.l | ||
illegal-4.s | ||
illegal-5.l | ||
illegal-5.s | ||
illegal-6.l | ||
illegal-6.s | ||
illegal-7.l | ||
illegal-7.s | ||
illegal-8.l | ||
illegal-8.s | ||
illegal-9.l | ||
illegal-9.s | ||
illegal-10.l | ||
illegal-10.s | ||
illegal-11.l | ||
illegal-11.s | ||
illegal-12.l | ||
illegal-12.s | ||
illegal-13.l | ||
illegal-13.s | ||
illegal-14.l | ||
illegal-14.s | ||
illegal-15.l | ||
illegal-15.s | ||
illegal-16.l | ||
illegal-16.s | ||
illegal-17.l | ||
illegal-17.s | ||
illegal-18.l | ||
illegal-18.s | ||
illegal-19.l | ||
illegal-19.s | ||
illegal-20.l | ||
illegal-20.s | ||
illegal-21.l | ||
illegal-21.s | ||
illegal-22.l | ||
illegal-24.l | ||
illegal-24.s | ||
illegal-25.l | ||
illegal-25.s | ||
illegal.l | ||
illegal.s | ||
reloc.d | ||
reloc.s | ||
wasm32.exp |