diff options
| author | Alon Zakai <alonzakai@gmail.com> | 2017-05-20 10:50:02 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-05-20 10:50:02 -0700 |
| commit | 9e0958982d2044949746c2d8290dbc0368546ebf (patch) | |
| tree | 40baee2d19419d76ff904b79b6146be980d5b287 /src | |
| parent | 2ddb7cb1f45cf9aeef90ec5c8000a2d279f0302b (diff) | |
| download | binaryen-9e0958982d2044949746c2d8290dbc0368546ebf.tar.gz binaryen-9e0958982d2044949746c2d8290dbc0368546ebf.tar.bz2 binaryen-9e0958982d2044949746c2d8290dbc0368546ebf.zip | |
afl-fuzz bug fixes (#1018)
* values cannot flow through an if without an else, they never return a value
* check pass tests in pass-debug mode too
* add missing finalization in binary reading
Diffstat (limited to 'src')
| -rw-r--r-- | src/passes/RemoveUnusedBrs.cpp | 3 | ||||
| -rw-r--r-- | src/wasm/wasm-binary.cpp | 4 |
2 files changed, 7 insertions, 0 deletions
diff --git a/src/passes/RemoveUnusedBrs.cpp b/src/passes/RemoveUnusedBrs.cpp index 4273b9f63..1fa996ae6 100644 --- a/src/passes/RemoveUnusedBrs.cpp +++ b/src/passes/RemoveUnusedBrs.cpp @@ -84,6 +84,9 @@ struct RemoveUnusedBrs : public WalkerPass<PostWalker<RemoveUnusedBrs>> { flows.push_back(flow); } self->ifStack.pop_back(); + } else { + // if without else stops the flow of values + self->valueCanFlow = false; } } else if (curr->is<Block>()) { // any breaks flowing to here are unnecessary, as we get here anyhow diff --git a/src/wasm/wasm-binary.cpp b/src/wasm/wasm-binary.cpp index 6448615a5..65c6f2a21 100644 --- a/src/wasm/wasm-binary.cpp +++ b/src/wasm/wasm-binary.cpp @@ -1800,6 +1800,7 @@ void WasmBinaryBuilder::visitSwitch(Switch *curr) { curr->default_ = defaultTarget.name; if (debug) std::cerr << "default: "<< curr->default_<<std::endl; if (defaultTarget.arity) curr->value = popNonVoidExpression(); + curr->finalize(); } Expression* WasmBinaryBuilder::visitCall() { @@ -1862,6 +1863,7 @@ void WasmBinaryBuilder::visitGetLocal(GetLocal *curr) { throw ParseException("bad get_local index"); } curr->type = currFunction->getLocalType(curr->index); + curr->finalize(); } void WasmBinaryBuilder::visitSetLocal(SetLocal *curr, uint8_t code) { @@ -2034,6 +2036,7 @@ bool WasmBinaryBuilder::maybeVisitUnary(Expression*& out, uint8_t code) { } if (debug) std::cerr << "zz node: Unary" << std::endl; curr->value = popNonVoidExpression(); + curr->finalize(); out = curr; return true; } @@ -2116,6 +2119,7 @@ void WasmBinaryBuilder::visitReturn(Return *curr) { if (currFunction->result != none) { curr->value = popNonVoidExpression(); } + curr->finalize(); } bool WasmBinaryBuilder::maybeVisitHost(Expression*& out, uint8_t code) { |