From 1c62fc77b7ac612f4a09a9b64aa1f6823809665a Mon Sep 17 00:00:00 2001
From: Alon Zakai <alonzakai@gmail.com>
Date: Fri, 6 Nov 2015 11:38:28 -0800
Subject: trap on runaway recursion

---
 src/wasm-interpreter.h | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'src/wasm-interpreter.h')

diff --git a/src/wasm-interpreter.h b/src/wasm-interpreter.h
index a935d2069..0e67a1845 100644
--- a/src/wasm-interpreter.h
+++ b/src/wasm-interpreter.h
@@ -26,7 +26,8 @@ int32_t safe_ctz(int32_t v) {
 }
 
 enum {
-  pageSize = 64*1024
+  pageSize = 64*1024,
+  maxCallDepth = 5000
 };
 
 //
@@ -66,6 +67,8 @@ public:
 
 private:
 
+  size_t callDepth = 0;
+
 #ifdef WASM_INTERPRETER_DEBUG
   int indent = 0;
 #endif
@@ -680,6 +683,9 @@ private:
       }
     };
 
+    if (callDepth > maxCallDepth) externalInterface->trap();
+    callDepth++;
+
     Function *function = wasm.functionsMap[name];
     assert(function);
     FunctionScope scope(function, arguments);
@@ -687,6 +693,7 @@ private:
     Literal ret = ExpressionRunner(*this, scope).visit(function->body).value;
     if (function->result == none) ret = Literal();
     assert(function->result == ret.type);
+    callDepth--;
     return ret;
   }
 
-- 
cgit v1.2.3