diff options
| author | Alon Zakai <azakai@google.com> | 2021-04-06 10:09:19 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-04-06 10:09:19 -0700 |
| commit | 01bc21495af611948533686e372abddbd40825dc (patch) | |
| tree | c8020fd0ef815f85aa6d7789f7499014a31dd07d /src | |
| parent | cc0439224cfc2eabe8f8c28d782ab6b44a0f24f9 (diff) | |
| download | binaryen-01bc21495af611948533686e372abddbd40825dc.tar.gz binaryen-01bc21495af611948533686e372abddbd40825dc.tar.bz2 binaryen-01bc21495af611948533686e372abddbd40825dc.zip | |
Fuzzing in JS VMs: Emit null for reference type params instead of 0 (#3774)
VMs will not convert a 0 or undefined from JS into a wasm null reference - it must be null.
Diffstat (limited to 'src')
| -rw-r--r-- | src/tools/js-wrapper.h | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/tools/js-wrapper.h b/src/tools/js-wrapper.h index 9568bccc0..e6f553124 100644 --- a/src/tools/js-wrapper.h +++ b/src/tools/js-wrapper.h @@ -104,16 +104,20 @@ static std::string generateJSWrapper(Module& wasm) { } ret += std::string("instance.exports.") + exp->name.str + "("; bool first = true; - for (const auto& param : func->sig.params) { + for (auto param : func->sig.params) { // zeros in arguments TODO more? if (first) { first = false; } else { ret += ", "; } - ret += "0"; - if (param == Type::i64) { - ret += ", 0"; + if (param.isRef()) { + ret += "null"; + } else { + ret += "0"; + if (param == Type::i64) { + ret += ", 0"; + } } } ret += ")"; |