[webkit-changes] [WebKit/WebKit] 5c94b6: Missing Trailing Code Validation in end Instruction
Yijia Huang
noreply at github.com
Thu Jan 16 01:33:51 PST 2025
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 5c94b688c7a1fd50b27a4a6e9edce80eef46cffa
https://github.com/WebKit/WebKit/commit/5c94b688c7a1fd50b27a4a6e9edce80eef46cffa
Author: Yijia Huang <yijia_huang at apple.com>
Date: 2025-01-16 (Thu, 16 Jan 2025)
Changed paths:
A JSTests/wasm/stress/unexpected-function-body-size.js
M Source/JavaScriptCore/wasm/WasmBBQJIT.h
M Source/JavaScriptCore/wasm/WasmConstExprGenerator.cpp
M Source/JavaScriptCore/wasm/WasmFunctionParser.h
M Source/JavaScriptCore/wasm/WasmIPIntGenerator.cpp
M Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp
M Source/JavaScriptCore/wasm/WasmOMGIRGenerator.cpp
M Source/JavaScriptCore/wasm/WasmOMGIRGenerator32_64.cpp
Log Message:
-----------
Missing Trailing Code Validation in end Instruction
https://bugs.webkit.org/show_bug.cgi?id=285496
rdar://142866140
Reviewed by Yusuke Suzuki.
WASM parser should throw an error when parsing a function with an expected body size[1].
[1] https://webassembly.github.io/spec/core/binary/modules.html#code-section
* JSTests/wasm/stress/unexpected-function-body-size.js: Added.
* Source/JavaScriptCore/wasm/WasmFunctionParser.h:
(JSC::Wasm::FunctionParser<Context>::parseBody):
Canonical link: https://commits.webkit.org/288996@main
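The malformed shape the log message refers to, as an added example (constructed bytes and hypothetical helper names, not the test file added by this commit): per the cited binary-format section, a code entry is a byte size followed by local declarations and an expression terminated by `end` (0x0B), so a declared size that reaches past the function-level `end` makes the module malformed. The sketch builds one well-formed module and one with such trailing bytes, then asks the host engine's standard `WebAssembly.validate` for its verdict.

```javascript
// Added example: constructed modules for checking how an engine's validator
// treats bytes that follow the function-level `end` inside a code entry.
const HEADER = [0x00, 0x61, 0x73, 0x6d, 0x01, 0x00, 0x00, 0x00]; // "\0asm", version 1
const END = 0x0b;
const NOP = 0x01;

// Unsigned LEB128, used by the binary format for sizes and counts.
function uleb(n) {
  const out = [];
  do {
    let b = n & 0x7f;
    n >>>= 7;
    if (n !== 0) b |= 0x80;
    out.push(b);
  } while (n !== 0);
  return out;
}

// A section is: id byte, payload size, payload.
function section(id, payload) {
  return [id, ...uleb(payload.length), ...payload];
}

// Module with a single function of type () -> ().
// `body` is everything the code entry's size field covers: locals + expr.
function moduleWithBody(body) {
  return new Uint8Array([
    ...HEADER,
    ...section(1, [0x01, 0x60, 0x00, 0x00]),               // type section
    ...section(3, [0x01, 0x00]),                           // function section
    ...section(10, [0x01, ...uleb(body.length), ...body]), // code section
  ]);
}

// No locals, empty expression: the size field ends exactly at `end`.
const wellFormed = moduleWithBody([0x00, END]);
// Same function, but the size field also covers two bytes after `end`.
// The body still finishes with 0x0B, so a "last byte is end" check passes.
const trailingCode = moduleWithBody([0x00, END, NOP, END]);

// Verdict of the engine this script runs in.
function isAccepted(bytes) {
  return WebAssembly.validate(bytes);
}

console.log("well-formed accepted:", isAccepted(wellFormed));
console.log("trailing code accepted:", isAccepted(trailingCode));
```

Run it under the engine you want to check; a conforming validator returns `false` for the second module.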