Fix crashes due to mishandling custom sections.
author keith_miller@apple.com <keith_miller@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 2 Feb 2018 04:30:37 +0000 (04:30 +0000)
committer keith_miller@apple.com <keith_miller@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 2 Feb 2018 04:30:37 +0000 (04:30 +0000)
commit ca25ce7cfe323cab28401ee8929ba50bde88f475
tree b6fefe7b248033ff6e05bce86bcd411666c062ee
parent 3145b42c7b4ad4e65d4c877b8fff1d2191b9c39f
Fix crashes due to mishandling custom sections.
https://bugs.webkit.org/show_bug.cgi?id=182404
<rdar://problem/36935863>

Reviewed by Saam Barati.

JSTests:

* wasm/Builder.js:
(export.default.Builder.prototype._registerSectionBuilders.const.section.in.WASM.description.section.switch.section.case.string_appeared_here.this.section):
* wasm/js-api/validate.js:
(assert.truthy):

Source/JavaScriptCore:

This also cleans up some of our validation code. We also
mistakenly allowed unknown (different from custom sections with
id: 0) section ids.

* wasm/WasmModuleParser.cpp:
(JSC::Wasm::ModuleParser::parse):
* wasm/WasmModuleParser.h:
* wasm/WasmSections.h:
(JSC::Wasm::isKnownSection):
(JSC::Wasm::decodeSection):
(JSC::Wasm::validateOrder):
(JSC::Wasm::makeString):
(JSC::Wasm::isValidSection): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@227994 268f45cc-cd09-0410-ab3c-d52691b4dbfc
JSTests/ChangeLog
JSTests/wasm/Builder.js
JSTests/wasm/js-api/validate.js
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/wasm/WasmModuleParser.cpp
Source/JavaScriptCore/wasm/WasmModuleParser.h
Source/JavaScriptCore/wasm/WasmSections.h
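
The distinction the commit message draws, as an added example that is not WebKit's code: id 0 marks a custom section, which may appear anywhere; ids 1 to 11 are the known WebAssembly 1.0 sections, which must appear in increasing order; any other id is rejected. All function and type names are hypothetical, and the sample module bytes are constructed.

```cpp
// Added illustration, not WebKit source; every name here is hypothetical.
#include <cstdint>
#include <cstdio>
#include <vector>

enum class Result { Ok, BadHeader, Truncated, UnknownSection, OutOfOrder, BadCustom };
using Bytes = std::vector<uint8_t>;
// Unsigned LEB128 u32; fails on truncation, more than 5 bytes, or overflow.
static bool readU32(const Bytes& b, size_t& pos, uint32_t& out) {
    uint64_t value = 0;
    for (unsigned shift = 0; shift < 35; shift += 7) {
        if (pos >= b.size()) return false;
        uint8_t byte = b[pos++];
        value |= uint64_t(byte & 0x7f) << shift;
        if (byte & 0x80) continue;
        if (value > 0xffffffffu) return false;
        out = uint32_t(value);
        return true;
    }
    return false;
}
// Walks section headers only; payloads are skipped, not parsed.
Result checkSections(const Bytes& b) {
    static const uint8_t magic[8] = {0, 'a', 's', 'm', 1, 0, 0, 0};
    if (b.size() < 8) return Result::BadHeader;
    for (size_t i = 0; i < 8; ++i)
        if (b[i] != magic[i]) return Result::BadHeader;
    size_t pos = 8;
    uint8_t last = 0; // highest non-custom id seen so far
    while (pos < b.size()) {
        uint8_t id = b[pos++];
        if (id > 11) return Result::UnknownSection; // 0 = custom, 1..11 = known
        uint32_t len = 0;
        if (!readU32(b, pos, len) || len > b.size() - pos) return Result::Truncated;
        size_t end = pos + len;
        if (id == 0) { // custom: any position, but its name must fit in the payload
            size_t p = pos; uint32_t nameLen = 0;
            if (!readU32(b, p, nameLen) || p > end || nameLen > end - p) return Result::BadCustom;
        } else {
            if (id <= last) return Result::OutOfOrder; // also rejects duplicates
            last = id;
        }
        pos = end;
    }
    return Result::Ok;
}
int main() {
    Bytes m = {0, 'a', 's', 'm', 1, 0, 0, 0, 0, 2, 1, 'x', 1, 1, 0}; // constructed sample
    std::printf("%d\n", int(checkSections(m)));
}
```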