From c4b82ace74069d61d84f8cb5f1298352632bd6ad Mon Sep 17 00:00:00 2001 From: Ali Mohammad Pur Date: Mon, 21 Jun 2021 21:03:08 +0430 Subject: [PATCH] LibWasm: Limit the call stack depth and the number of executed insts These limits are described in the spec, and we're supposed to stop execution at some point. The limits are arbitrarily chosen. --- .../LibWasm/AbstractMachine/BytecodeInterpreter.cpp | 7 +++++++ Userland/Libraries/LibWasm/Constants.h | 4 ++++ 2 files changed, 11 insertions(+) diff --git a/Userland/Libraries/LibWasm/AbstractMachine/BytecodeInterpreter.cpp b/Userland/Libraries/LibWasm/AbstractMachine/BytecodeInterpreter.cpp index 6a9b620ea8..3b0d3dd12c 100644 --- a/Userland/Libraries/LibWasm/AbstractMachine/BytecodeInterpreter.cpp +++ b/Userland/Libraries/LibWasm/AbstractMachine/BytecodeInterpreter.cpp @@ -36,8 +36,13 @@ void BytecodeInterpreter::interpret(Configuration& configuration) auto& instructions = configuration.frame().expression().instructions(); auto max_ip_value = InstructionPointer { instructions.size() }; auto& current_ip_value = configuration.ip(); + u64 executed_instructions = 0; while (current_ip_value < max_ip_value) { + if (executed_instructions++ >= Constants::max_allowed_executed_instructions_per_call) [[unlikely]] { + m_do_trap = true; + return; + } auto& instruction = instructions[current_ip_value.value()]; auto old_ip = current_ip_value; interpret(configuration, current_ip_value, instruction); @@ -122,6 +127,8 @@ void BytecodeInterpreter::store_to_memory(Configuration& configuration, Instruct void BytecodeInterpreter::call_address(Configuration& configuration, FunctionAddress address) { + TRAP_IF_NOT(configuration.depth() <= Constants::max_allowed_call_stack_depth); + auto instance = configuration.store().get(address); TRAP_IF_NOT(instance); FunctionType const* type { nullptr }; diff --git a/Userland/Libraries/LibWasm/Constants.h b/Userland/Libraries/LibWasm/Constants.h index 7ae73b782a..51438ce522 100644 --- a/Userland/Libraries/LibWasm/Constants.h +++ b/Userland/Libraries/LibWasm/Constants.h @@ -36,4 +36,8 @@ static constexpr auto extern_global_tag = 0x03; static constexpr auto page_size = 64 * KiB; +// Limits +static constexpr auto max_allowed_call_stack_depth = 1000; +static constexpr auto max_allowed_executed_instructions_per_call = 64 * 1024 * 1024; + }