[WebAssembly] Fix overflow for input with missing version

Differential revision: https://reviews.llvm.org/D37070

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@311605 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/Object/WasmObjectFile.cpp b/lib/Object/WasmObjectFile.cpp
index 7f80bf0b83a0a5f591863aa2dceb75cfda4a6665..91fc6138cd6cea2aa454a5cc5f84716684d1a38a 100644 (file)
--- a/lib/Object/WasmObjectFile.cpp
+++ b/lib/Object/WasmObjectFile.cpp
@@ -203,7 +203,16 @@ WasmObjectFile::WasmObjectFile(MemoryBufferRef Buffer, Error &Err)
                                   object_error::parse_failed);
     return;
   }
+
+  const uint8_t *Eof = getPtr(getData().size());
   const uint8_t *Ptr = getPtr(4);
+
+  if (Ptr + 4 > Eof) {
+    Err = make_error<StringError>("Missing version number",
+                                  object_error::parse_failed);
+    return;
+  }
+
   Header.Version = readUint32(Ptr);
   if (Header.Version != wasm::WasmVersion) {
     Err = make_error<StringError>("Bad version number",
@@ -211,7 +220,6 @@ WasmObjectFile::WasmObjectFile(MemoryBufferRef Buffer, Error &Err)
     return;
   }
 
-  const uint8_t *Eof = getPtr(getData().size());
   WasmSection Sec;
   while (Ptr < Eof) {
     if ((Err = readSection(Sec, Ptr, getPtr(0))))

diff --git a/test/Object/Inputs/WASM/missing-version.wasm b/test/Object/Inputs/WASM/missing-version.wasm
new file mode 100644 (file)
index 0000000..fc4f47f
Binary files /dev/null and b/test/Object/Inputs/WASM/missing-version.wasm differ

diff --git a/test/Object/wasm-missing-version.test b/test/Object/wasm-missing-version.test
new file mode 100644 (file)
index 0000000..98586e7
--- /dev/null
+++ b/test/Object/wasm-missing-version.test
@@ -0,0 +1,2 @@
+# RUN: not llvm-objdump -h %p/Inputs/WASM/missing-version.wasm 2>&1 | FileCheck %s
+# CHECK: {{.*}}: Missing version number