
Fix some issues reported by klocwork (#1233)

Change memcpy to bh_memcpy_s and add some asserts to
improve security.
Xu Jun 3 лет назад
Родитель
Сommit
4b38205023

+ 2 - 2
core/iwasm/aot/aot_loader.c

@@ -152,7 +152,7 @@ GET_U64_FROM_ADDR(uint32 *addr)
 #define read_byte_array(p, p_end, addr, len) \
     do {                                     \
         CHECK_BUF(p, p_end, len);            \
-        memcpy(addr, p, len);                \
+        bh_memcpy_s(addr, len, p, len);      \
         p += len;                            \
     } while (0)
 
@@ -1847,7 +1847,7 @@ do_text_relocation(AOTModule *module, AOTRelocationGroup *group,
                 return false;
             }
         }
-        memcpy(symbol, relocation->symbol_name, symbol_len);
+        bh_memcpy_s(symbol, symbol_len, relocation->symbol_name, symbol_len);
         symbol[symbol_len] = '\0';
 
         if (!strncmp(symbol, AOT_FUNC_PREFIX, strlen(AOT_FUNC_PREFIX))) {
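Review bot: The destination size passed to `bh_memcpy_s` in both hunks is the copy length itself (`bh_memcpy_s(addr, len, p, len)` in `read_byte_array`, `bh_memcpy_s(symbol, symbol_len, ..., symbol_len)` in `do_text_relocation`), so the destination-capacity check can never fail and the call bounds nothing that `memcpy` did not. In `do_text_relocation` the buffer must hold `symbol_len + 1` bytes because the next line writes the terminator; the allocation is outside the hunk, so pass the size that was actually allocated, e.g. `bh_memcpy_s(symbol, symbol_buf_size, relocation->symbol_name, symbol_len);` where `symbol_buf_size` is a placeholder for that value. For the macro, the real capacity of `addr` is known only at the call sites, so at minimum document the contract with `/* caller guarantees addr has room for len bytes; the dest size here is not an independent bound */`. The same pattern recurs in the `bh_vector.c` hunks (`bh_vector_set`, `bh_vector_get`, `bh_vector_insert`, `bh_vector_append`, `bh_vector_remove`), where `vector->size_elem` is used as both capacity and length.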

+ 8 - 5
core/iwasm/common/wasm_application.c

@@ -485,7 +485,7 @@ execute_func(WASMModuleInstanceCommon *module_inst, const char *name,
                             u.ieee.ieee_little_endian.negative = 1;
                         else
                             u.ieee.ieee_big_endian.negative = 1;
-                        memcpy(&f32, &u.f, sizeof(float));
+                        bh_memcpy_s(&f32, sizeof(float), &u.f, sizeof(float));
                     }
                     if (endptr[0] == ':') {
                         uint32 sig;
@@ -496,10 +496,11 @@ execute_func(WASMModuleInstanceCommon *module_inst, const char *name,
                             u.ieee.ieee_little_endian.mantissa = sig;
                         else
                             u.ieee.ieee_big_endian.mantissa = sig;
-                        memcpy(&f32, &u.f, sizeof(float));
+                        bh_memcpy_s(&f32, sizeof(float), &u.f, sizeof(float));
                     }
                 }
-                memcpy(&argv1[p++], &f32, sizeof(float));
+                bh_memcpy_s(&argv1[p], total_size - p, &f32, sizeof(float));
+                p++;
                 break;
             }
             case VALUE_TYPE_F64:
@@ -517,7 +518,8 @@ execute_func(WASMModuleInstanceCommon *module_inst, const char *name,
                             ud.ieee.ieee_little_endian.negative = 1;
                         else
                             ud.ieee.ieee_big_endian.negative = 1;
-                        memcpy(&u.val, &ud.d, sizeof(double));
+                        bh_memcpy_s(&u.val, sizeof(double), &ud.d,
+                                    sizeof(double));
                     }
                     if (endptr[0] == ':') {
                         uint64 sig;
@@ -532,7 +534,8 @@ execute_func(WASMModuleInstanceCommon *module_inst, const char *name,
                             ud.ieee.ieee_big_endian.mantissa0 = sig >> 32;
                             ud.ieee.ieee_big_endian.mantissa1 = (uint32)sig;
                         }
-                        memcpy(&u.val, &ud.d, sizeof(double));
+                        bh_memcpy_s(&u.val, sizeof(double), &ud.d,
+                                    sizeof(double));
                     }
                 }
                 argv1[p++] = u.parts[0];
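Review bot: The bound in `bh_memcpy_s(&argv1[p], total_size - p, &f32, sizeof(float));` appears to mix units: `p` is an index into `argv1`, while `total_size` reads like a byte count (its declaration is outside the hunk, so this is inferred from the name). If so, the remaining capacity is overstated and the check is weaker than intended; the remaining bytes would be `total_size - p * sizeof(argv1[0])`. The F64 branch still stores through `argv1[p++] = u.parts[0];` with no bound at all, so if the intent is to guard `argv1` against more arguments than it was allocated for, a single check of `p` against the capacity before the `switch` would cover both paths. `execute_func` starts and ends outside these hunks.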

+ 8 - 0
core/iwasm/common/wasm_runtime_common.c

@@ -1245,6 +1245,8 @@ wasm_func_get_param_count(WASMFunctionInstanceCommon *const func_inst,
 {
     WASMType *type =
         wasm_runtime_get_function_type(func_inst, module_inst->module_type);
+    bh_assert(type);
+
     return type->param_count;
 }
 
@@ -1254,6 +1256,8 @@ wasm_func_get_result_count(WASMFunctionInstanceCommon *const func_inst,
 {
     WASMType *type =
         wasm_runtime_get_function_type(func_inst, module_inst->module_type);
+    bh_assert(type);
+
     return type->result_count;
 }
 
@@ -1288,6 +1292,8 @@ wasm_func_get_param_types(WASMFunctionInstanceCommon *const func_inst,
         wasm_runtime_get_function_type(func_inst, module_inst->module_type);
     uint32 i;
 
+    bh_assert(type);
+
     for (i = 0; i < type->param_count; i++) {
         param_types[i] = val_type_to_val_kind(type->types[i]);
     }
@@ -1302,6 +1308,8 @@ wasm_func_get_result_types(WASMFunctionInstanceCommon *const func_inst,
         wasm_runtime_get_function_type(func_inst, module_inst->module_type);
     uint32 i;
 
+    bh_assert(type);
+
     for (i = 0; i < type->result_count; i++) {
         result_types[i] =
             val_type_to_val_kind(type->types[type->param_count + i]);
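Review bot: `bh_assert(type);` only protects builds where assertions are enabled; if `bh_assert` compiles to nothing in release configurations (its definition is not shown here), `type->param_count` and the loops over `type->types` still dereference NULL whenever `wasm_runtime_get_function_type` returns NULL. These four getters presumably receive `func_inst` and `module_inst` from the embedder, so a runtime check is the safer fix, e.g. `if (!type) return 0;` in the two count functions and an early return before the loops in the two `*_types` functions. The same assert-only guard is added for `exec_env` in `send_thread_stop_status` in `debug-engine/handler.c`, where the value is passed straight to `wasm_runtime_get_module_inst`. All of these function bodies begin outside the hunks.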

+ 2 - 0
core/iwasm/libraries/debug-engine/handler.c

@@ -374,6 +374,8 @@ send_thread_stop_status(WASMGDBServer *server, uint32 status, korp_tid tid)
 
     exec_env = wasm_debug_instance_get_current_env(
         (WASMDebugInstance *)server->thread->debug_instance);
+    bh_assert(exec_env);
+
     exception =
         wasm_runtime_get_exception(wasm_runtime_get_module_inst(exec_env));
     if (exception) {

+ 4 - 4
core/shared/platform/common/math/math.c

@@ -1091,7 +1091,7 @@ static float
 freebsd_fminf(float x, float y)
 {
     if (is_little_endian()) {
-        IEEEf2bits_L u[2];
+        IEEEf2bits_L u[2] = { 0 };
 
         u[0].f = x;
         u[1].f = y;
@@ -1107,7 +1107,7 @@ freebsd_fminf(float x, float y)
             return (u[u[1].bits.sign].f);
     }
     else {
-        IEEEf2bits_B u[2];
+        IEEEf2bits_B u[2] = { 0 };
 
         u[0].f = x;
         u[1].f = y;
@@ -1130,7 +1130,7 @@ static float
 freebsd_fmaxf(float x, float y)
 {
     if (is_little_endian()) {
-        IEEEf2bits_L u[2];
+        IEEEf2bits_L u[2] = { 0 };
 
         u[0].f = x;
         u[1].f = y;
@@ -1146,7 +1146,7 @@ freebsd_fmaxf(float x, float y)
             return (u[u[0].bits.sign].f);
     }
     else {
-        IEEEf2bits_B u[2];
+        IEEEf2bits_B u[2] = { 0 };
 
         u[0].f = x;
         u[1].f = y;

+ 14 - 11
core/shared/utils/bh_vector.c

@@ -42,7 +42,8 @@ extend_vector(Vector *vector, size_t length)
         return false;
     }
 
-    memcpy(data, vector->data, vector->size_elem * vector->max_elems);
+    bh_memcpy_s(data, vector->size_elem * length, vector->data,
+                vector->size_elem * vector->max_elems);
     BH_FREE(vector->data);
 
     vector->data = data;
@@ -109,8 +110,8 @@ bh_vector_set(Vector *vector, uint32 index, const void *elem_buf)
 
     if (vector->lock)
         os_mutex_lock(vector->lock);
-    memcpy(vector->data + vector->size_elem * index, elem_buf,
-           vector->size_elem);
+    bh_memcpy_s(vector->data + vector->size_elem * index, vector->size_elem,
+                elem_buf, vector->size_elem);
     if (vector->lock)
         os_mutex_unlock(vector->lock);
     return true;
@@ -131,8 +132,8 @@ bh_vector_get(Vector *vector, uint32 index, void *elem_buf)
 
     if (vector->lock)
         os_mutex_lock(vector->lock);
-    memcpy(elem_buf, vector->data + vector->size_elem * index,
-           vector->size_elem);
+    bh_memcpy_s(elem_buf, vector->size_elem,
+                vector->data + vector->size_elem * index, vector->size_elem);
     if (vector->lock)
         os_mutex_unlock(vector->lock);
     return true;
@@ -165,11 +166,12 @@ bh_vector_insert(Vector *vector, uint32 index, const void *elem_buf)
 
     p = vector->data + vector->size_elem * vector->num_elems;
     for (i = vector->num_elems - 1; i > index; i--) {
-        memcpy(p, p - vector->size_elem, vector->size_elem);
+        bh_memcpy_s(p, vector->size_elem, p - vector->size_elem,
+                    vector->size_elem);
         p -= vector->size_elem;
     }
 
-    memcpy(p, elem_buf, vector->size_elem);
+    bh_memcpy_s(p, vector->size_elem, elem_buf, vector->size_elem);
     vector->num_elems++;
     ret = true;
 
@@ -199,8 +201,8 @@ bh_vector_append(Vector *vector, const void *elem_buf)
         goto unlock_return;
     }
 
-    memcpy(vector->data + vector->size_elem * vector->num_elems, elem_buf,
-           vector->size_elem);
+    bh_memcpy_s(vector->data + vector->size_elem * vector->num_elems,
+                vector->size_elem, elem_buf, vector->size_elem);
     vector->num_elems++;
     ret = true;
 
@@ -232,11 +234,12 @@ bh_vector_remove(Vector *vector, uint32 index, void *old_elem_buf)
     p = vector->data + vector->size_elem * index;
 
     if (old_elem_buf) {
-        memcpy(old_elem_buf, p, vector->size_elem);
+        bh_memcpy_s(old_elem_buf, vector->size_elem, p, vector->size_elem);
     }
 
     for (i = index; i < vector->num_elems - 1; i++) {
-        memcpy(p, p + vector->size_elem, vector->size_elem);
+        bh_memcpy_s(p, vector->size_elem, p + vector->size_elem,
+                    vector->size_elem);
         p += vector->size_elem;
     }