
Fix issue of condition settings of app boundary check (#249)

wenyongh 5 лет назад
Родитель
Сommit
44ccfd20ad
2 измененных файлов с 21 добавлено и 25 удалено
  1. 11 13
      core/iwasm/aot/aot_runtime.c
  2. 10 12
      core/iwasm/interpreter/wasm_runtime.c

+ 11 - 13
core/iwasm/aot/aot_runtime.c

@@ -635,11 +635,10 @@ aot_validate_app_addr(AOTModuleInstance *module_inst,
         goto fail;
     }
 
-    if (app_offset <= module_inst->heap_base_offset
-        || app_offset + (int32)size > (int32)module_inst->memory_data_size) {
-        goto fail;
+    if (module_inst->heap_base_offset <= app_offset
+        && app_offset + (int32)size <= (int32)module_inst->memory_data_size) {
+        return true;
     }
-    return true;
 fail:
     aot_set_exception(module_inst, "out of bounds memory access");
     return false;
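Review bot: The upper-bound test `app_offset + (int32)size <= (int32)module_inst->memory_data_size` still does the addition in signed 32-bit arithmetic. A `size` above INT32_MAX turns negative after the cast and the sum can overflow, which is undefined behaviour and may let an oversized range pass unless the guard above the hunk (not visible here) rejects every such case. Comparing by subtraction avoids the addition: `&& app_offset <= (int32)module_inst->memory_data_size && size <= (uint32)((int32)module_inst->memory_data_size - app_offset)`. The same expression appears in the wasm_validate_app_addr hunk of wasm_runtime.c. The function begins above this hunk, so the unsigned type of `size` is inferred from the cast.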
@@ -657,12 +656,11 @@ aot_validate_native_addr(AOTModuleInstance *module_inst,
         goto fail;
     }
 
-    if (addr <= (uint8*)module_inst->heap_data.ptr
-        || addr + size > (uint8*)module_inst->memory_data.ptr
-                         + memory_data_size) {
-        goto fail;
+    if ((uint8*)module_inst->heap_data.ptr <= addr
+        && addr + size <= (uint8*)module_inst->memory_data.ptr
+                          + memory_data_size) {
+        return true;
     }
-    return true;
 fail:
     aot_set_exception(module_inst, "out of bounds memory access");
     return false;
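Review bot: `addr + size` is formed before it is compared, so a `size` larger than the space left after `addr` takes the pointer past the end of the memory object. That is undefined behaviour and can wrap on a 32-bit target, after which the `<=` test is no longer reliable; the guard above the hunk is not visible, so I cannot tell whether it covers this. Comparing lengths instead keeps the arithmetic in range: `uint8 *end = (uint8*)module_inst->memory_data.ptr + memory_data_size;` followed by `&& addr <= end && size <= (uint32)(end - addr)`. wasm_validate_native_addr in wasm_runtime.c has the same form.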
@@ -674,7 +672,7 @@ aot_addr_app_to_native(AOTModuleInstance *module_inst, int32 app_offset)
     int32 memory_data_size = (int32)module_inst->memory_data_size;
     uint8 *addr = (uint8 *)module_inst->memory_data.ptr + app_offset;
 
-    if ((uint8*)module_inst->heap_data.ptr < addr
+    if ((uint8*)module_inst->heap_data.ptr <= addr
         && addr < (uint8*)module_inst->memory_data.ptr
                   + memory_data_size)
         return addr;
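Review bot: `addr` is computed from `app_offset` before any range test, so an out-of-range offset causes pointer arithmetic outside the memory object before the comparison runs. Testing the offset first, as aot_get_app_addr_range does with `module_inst->heap_base_offset <= app_offset && app_offset < memory_data_size`, and only then forming the pointer keeps the check in integer space. If `memory_data_size` is an unsigned 32-bit field, the `(int32)` cast also turns negative for a memory of 2 GiB or more and every lookup fails; a short comment stating the supported maximum would help. wasm_addr_app_to_native appears to follow the same pattern, but its `addr` initialisation lies above that hunk.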
@@ -687,7 +685,7 @@ aot_addr_native_to_app(AOTModuleInstance *module_inst, void *native_ptr)
     uint8 *addr = (uint8*)native_ptr;
     int32 memory_data_size = (int32)module_inst->memory_data_size;
 
-    if ((uint8*)module_inst->heap_data.ptr < addr
+    if ((uint8*)module_inst->heap_data.ptr <= addr
         && addr < (uint8*)module_inst->memory_data.ptr
                   + memory_data_size)
         return (int32)(addr - (uint8*)module_inst->memory_data.ptr);
@@ -702,7 +700,7 @@ aot_get_app_addr_range(AOTModuleInstance *module_inst,
 {
     int32 memory_data_size = (int32)module_inst->memory_data_size;
 
-    if (module_inst->heap_base_offset < app_offset
+    if (module_inst->heap_base_offset <= app_offset
         && app_offset < memory_data_size) {
         if (p_app_start_offset)
             *p_app_start_offset = module_inst->heap_base_offset;
@@ -722,7 +720,7 @@ aot_get_native_addr_range(AOTModuleInstance *module_inst,
     uint8 *addr = (uint8*)native_ptr;
     int32 memory_data_size = (int32)module_inst->memory_data_size;
 
-    if ((uint8*)module_inst->heap_data.ptr < addr
+    if ((uint8*)module_inst->heap_data.ptr <= addr
         && addr < (uint8*)module_inst->memory_data.ptr
                   + memory_data_size) {
         if (p_native_start_addr)

+ 10 - 12
core/iwasm/interpreter/wasm_runtime.c

@@ -952,11 +952,10 @@ wasm_validate_app_addr(WASMModuleInstance *module_inst,
         goto fail;
     }
 
-    if (app_offset <= memory->heap_base_offset
-        || app_offset + (int32)size > memory_data_size) {
-        goto fail;
+    if (memory->heap_base_offset <= app_offset
+        && app_offset + (int32)size <= memory_data_size) {
+        return true;
     }
-    return true;
 fail:
     wasm_set_exception(module_inst, "out of bounds memory access");
     return false;
@@ -975,11 +974,10 @@ wasm_validate_native_addr(WASMModuleInstance *module_inst,
         goto fail;
     }
 
-    if (addr <= memory->heap_data
-        || addr + size > memory->memory_data + memory_data_size) {
-        goto fail;
+    if (memory->heap_data <= addr
+        && addr + size <= memory->memory_data + memory_data_size) {
+        return true;
     }
-    return true;
 fail:
     wasm_set_exception(module_inst, "out of bounds memory access");
     return false;
@@ -994,7 +992,7 @@ wasm_addr_app_to_native(WASMModuleInstance *module_inst,
     int32 memory_data_size =
         (int32)(memory->num_bytes_per_page * memory->cur_page_count);
 
-    if (memory->heap_data < addr
+    if (memory->heap_data <= addr
         && addr < memory->memory_data + memory_data_size)
         return addr;
     return NULL;
@@ -1009,7 +1007,7 @@ wasm_addr_native_to_app(WASMModuleInstance *module_inst,
     int32 memory_data_size =
         (int32)(memory->num_bytes_per_page * memory->cur_page_count);
 
-    if (memory->heap_data < addr
+    if (memory->heap_data <= addr
         && addr < memory->memory_data + memory_data_size)
         return (int32)(addr - memory->memory_data);
     return 0;
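Review bot: With the lower bound now inclusive, the failure value `return 0;` deserves a comment. An address equal to `memory->memory_data` would also convert to offset 0 if `heap_data` can ever coincide with the start of linear memory, which this hunk does not show. I would add `/* 0 is returned for an address outside [heap_data, memory end); callers must not treat it as a valid app offset */` above the final return, or state the invariant that `heap_data` always lies past `memory_data`. The function's signature and the definition of `addr` are outside the hunk.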
@@ -1025,7 +1023,7 @@ wasm_get_app_addr_range(WASMModuleInstance *module_inst,
     int32 memory_data_size =
         (int32)(memory->num_bytes_per_page * memory->cur_page_count);
 
-    if (memory->heap_base_offset < app_offset
+    if (memory->heap_base_offset <= app_offset
         && app_offset < memory_data_size) {
         if (p_app_start_offset)
             *p_app_start_offset = memory->heap_base_offset;
@@ -1047,7 +1045,7 @@ wasm_get_native_addr_range(WASMModuleInstance *module_inst,
     int32 memory_data_size =
         (int32)(memory->num_bytes_per_page * memory->cur_page_count);
 
-    if (memory->heap_data < addr
+    if (memory->heap_data <= addr
         && addr < memory->memory_data + memory_data_size) {
         if (p_native_start_addr)
             *p_native_start_addr = memory->heap_data;