Fix OSS-Fuzz issues

3 years ago · 0e908d4435
parent e5c9dc68fd
commit 0e908d4435
4 changed files with 12 additions and 6 deletions
--- a/source/m3_compile.c
+++ b/source/m3_compile.c
@ -2399,6 +2399,8 @@ void  SetupCompilation (IM3Compilation o)

 M3Result  Compile_Function  (IM3Function io_function)
 {
+    if (!io_function->wasm) return "function body is missing";
+
    IM3FuncType funcType = io_function->funcType;

    M3Result result = m3Err_none;                                   m3log (compile, "compiling: '%s'; wasm-size: %d; numArgs: %d; return: %s",
--- a/source/m3_env.h
+++ b/source/m3_env.h
@ -89,9 +89,7 @@ typedef struct M3Module
    u32                     numFuncTypes;
    IM3FuncType *           funcTypes;              // array of pointers to list of FuncTypes

-    u32                     numImports;
-    //IM3Function *           imports;   b          // notice: "I" prefix. imports are pointers to functions in another module.
-
+    u32                     numFuncImports;
    u32                     numFunctions;
    M3Function *            functions;

--- a/source/m3_module.c
+++ b/source/m3_module.c
@ -34,6 +34,10 @@ void  m3_FreeModule  (IM3Module i_module)
        m3_Free (i_module->dataSegments);
        m3_Free (i_module->table0);

+        for (u32 i = 0; i < i_module->numGlobals; ++i)
+        {
+        	m3_Free (i_module->globals[i].name);
+        }
        for (u32 i = 0; i < i_module->numGlobals; ++i)
        {
            FreeImportInfo(&(i_module->globals[i].import));
--- a/source/m3_parse.c
+++ b/source/m3_parse.c
@ -168,7 +168,7 @@ _               (ReadLEB_u32 (& typeIndex, & i_bytes, i_end))
 _               (Module_AddFunction (io_module, typeIndex, & import))
                import = clearImport;

-                io_module->numImports++;
+                io_module->numFuncImports++;
            }
            break;

@ -324,7 +324,7 @@ M3Result  ParseSection_Code  (M3Module * io_module, bytes_t i_bytes, cbytes_t i_
    u32 numFunctions;
 _   (ReadLEB_u32 (& numFunctions, & i_bytes, i_end));                               m3log (parse, "** Code [%d]", numFunctions);

-    if (numFunctions != io_module->numFunctions - io_module->numImports)
+    if (numFunctions != io_module->numFunctions - io_module->numFuncImports)
    {
        _throw ("mismatched function count in code section");
    }
@ -361,7 +361,7 @@ _                   (NormalizeType (& normalType, wasmType));
                    numLocals += varCount;                                                      m3log (parse, "      %2d locals; type: '%s'", varCount, c_waTypes [normalType]);
                }

-                IM3Function func = Module_GetFunction (io_module, f + io_module->numImports);
+                IM3Function func = Module_GetFunction (io_module, f + io_module->numFuncImports);

                func->module = io_module;
                func->wasm = start;
@ -411,6 +411,8 @@ _       (ReadLEB_u32 (& segment->size, & i_bytes, i_end));
        segment->data = i_bytes;                                                    m3log (parse, "    segment [%u]  memory: %u;  expr-size: %d;  size: %d",
                                                                                       i, segment->memoryRegion, segment->initExprSize, segment->size);
        i_bytes += segment->size;
+
+		_throwif("data segment underflow", i_bytes > i_end);
    }

    _catch: