LibWasm: Ensure that global.get only accesses imports in const exprs

(cherry picked from commit bd97091cbb4fd12cd323cedfa11f4c6f33250958)
2024-10-01 13:44:21 +00:00 · 2024-06-16 09:55:51 -07:00 · 2024-06-16 09:55:51 -07:00 · 145fb50fe0
parent 7b50f71e0e
commit 145fb50fe0
2 changed files with 8 additions and 3 deletions
--- a/Userland/Libraries/LibWasm/AbstractMachine/AbstractMachine.cpp
+++ b/Userland/Libraries/LibWasm/AbstractMachine/AbstractMachine.cpp
@ -206,6 +206,8 @@ InstantiationResult AbstractMachine::instantiate(Module const& module, Vector<Ex
    for (auto& entry : externs) {
        if (auto* ptr = entry.get_pointer<GlobalAddress>())
            auxiliary_instance.globals().append(*ptr);
+        else if (auto* ptr = entry.get_pointer<FunctionAddress>())
+            auxiliary_instance.functions().append(*ptr);
    }

    Vector<FunctionAddress> module_functions;
@ -253,7 +255,7 @@ InstantiationResult AbstractMachine::instantiate(Module const& module, Vector<Ex
                if (m_should_limit_instruction_count)
                    config.enable_instruction_count_limit();
                config.set_frame(Frame {
-                    main_module_instance,
+                    auxiliary_instance,
                    Vector<Value> {},
                    entry,
                    entry.instructions().size(),
@ -306,7 +308,7 @@ InstantiationResult AbstractMachine::instantiate(Module const& module, Vector<Ex
            if (m_should_limit_instruction_count)
                config.enable_instruction_count_limit();
            config.set_frame(Frame {
-                main_module_instance,
+                auxiliary_instance,
                Vector<Value> {},
                active_ptr->expression,
                1,
@ -361,7 +363,7 @@ InstantiationResult AbstractMachine::instantiate(Module const& module, Vector<Ex
                    if (m_should_limit_instruction_count)
                        config.enable_instruction_count_limit();
                    config.set_frame(Frame {
-                        main_module_instance,
+                        auxiliary_instance,
                        Vector<Value> {},
                        data.offset,
                        1,
--- a/Userland/Libraries/LibWasm/AbstractMachine/BytecodeInterpreter.cpp
+++ b/Userland/Libraries/LibWasm/AbstractMachine/BytecodeInterpreter.cpp
@ -728,6 +728,9 @@ void BytecodeInterpreter::interpret(Configuration& configuration, InstructionPoi
    }
    case Instructions::global_get.value(): {
        auto global_index = instruction.arguments().get<GlobalIndex>();
+        // This check here is for const expressions. In non-const expressions,
+        // a validation error would have been thrown.
+        TRAP_IF_NOT(global_index < configuration.frame().module().globals().size());
        auto address = configuration.frame().module().globals()[global_index.value()];
        dbgln_if(WASM_TRACE_DEBUG, "global({}) -> stack", address.value());
        auto global = configuration.store().get(address);