Add type check to data segment offset (#525)

This is a conservative check that we can do in the binary
reader itself.  More extensive checking is still done in the
interpreter (i.e. vefiying the type of the global).

2 files changed, 18 insertions, 14 deletions

diff --git a/src/binary-reader-interpreter.cc b/src/binary-reader-interpreter.cc
index a5086c78..4cac588f 100644
--- a/src/binary-reader-interpreter.cc
+++ b/src/binary-reader-interpreter.cc
@@ -973,11 +973,7 @@ wabt::Result BinaryReaderInterpreter::OnStartFunction(Index func_index) {
 }
 
 wabt::Result BinaryReaderInterpreter::EndElemSegmentInitExpr(Index index) {
-  if (init_expr_value.type != Type::I32) {
-    PrintError("type mismatch in elem segment, expected i32 but got %s",
-               GetTypeName(init_expr_value.type));
-    return wabt::Result::Error;
-  }
+  assert(init_expr_value.type == Type::I32);
   table_offset = init_expr_value.value.i32;
   return wabt::Result::Ok;
 }
@@ -1010,11 +1006,7 @@ wabt::Result BinaryReaderInterpreter::OnDataSegmentData(Index index,
                                                         Address size) {
   assert(module->memory_index != kInvalidIndex);
   Memory* memory = env->GetMemory(module->memory_index);
-  if (init_expr_value.type != Type::I32) {
-    PrintError("type mismatch in data segment, expected i32 but got %s",
-               GetTypeName(init_expr_value.type));
-    return wabt::Result::Error;
-  }
+  assert(init_expr_value.type == Type::I32);
   Address address = init_expr_value.value.i32;
   uint64_t end_address =
       static_cast<uint64_t>(address) + static_cast<uint64_t>(size);
diff --git a/src/binary-reader.cc b/src/binary-reader.cc
index d17751c1..c484ae4d 100644
--- a/src/binary-reader.cc
+++ b/src/binary-reader.cc
@@ -176,7 +176,8 @@ class BinaryReader {
   Index NumTotalMemories();
   Index NumTotalGlobals();
 
-  Result ReadInitExpr(Index index) WABT_WARN_UNUSED;
+  Result ReadI32InitExpr(Index index) WABT_WARN_UNUSED;
+  Result ReadInitExpr(Index index, bool require_i32 = false) WABT_WARN_UNUSED;
   Result ReadTable(Type* out_elem_type,
                    Limits* out_elem_limits) WABT_WARN_UNUSED;
   Result ReadMemory(Limits* out_page_limits) WABT_WARN_UNUSED;
@@ -492,9 +493,14 @@ Index BinaryReader::NumTotalGlobals() {
   return num_global_imports_ + num_globals_;
 }
 
-Result BinaryReader::ReadInitExpr(Index index) {
+Result BinaryReader::ReadI32InitExpr(Index index) {
+  return ReadInitExpr(index, true);
+}
+
+Result BinaryReader::ReadInitExpr(Index index, bool require_i32) {
   Opcode opcode;
   CHECK_RESULT(ReadOpcode(&opcode, "opcode"));
+
   switch (opcode) {
     case Opcode::I32Const: {
       uint32_t value = 0;
@@ -538,6 +544,12 @@ Result BinaryReader::ReadInitExpr(Index index) {
       return ReportUnexpectedOpcode(opcode, "in initializer expression");
   }
 
+  if (require_i32 && opcode != Opcode::I32Const &&
+      opcode != Opcode::GetGlobal) {
+    PrintError("expected i32 init_expr");
+    return Result::Error;
+  }
+
   CHECK_RESULT(ReadOpcode(&opcode, "opcode"));
   ERROR_UNLESS(opcode == Opcode::End,
                "expected END opcode after initializer expression");
@@ -1581,7 +1593,7 @@ Result BinaryReader::ReadElemSection(Offset section_size) {
     CHECK_RESULT(ReadIndex(&table_index, "elem segment table index"));
     CALLBACK(BeginElemSegment, i, table_index);
     CALLBACK(BeginElemSegmentInitExpr, i);
-    CHECK_RESULT(ReadInitExpr(i));
+    CHECK_RESULT(ReadI32InitExpr(i));
     CALLBACK(EndElemSegmentInitExpr, i);
 
     Index num_function_indexes;
@@ -1647,7 +1659,7 @@ Result BinaryReader::ReadDataSection(Offset section_size) {
     CHECK_RESULT(ReadIndex(&memory_index, "data segment memory index"));
     CALLBACK(BeginDataSegment, i, memory_index);
     CALLBACK(BeginDataSegmentInitExpr, i);
-    CHECK_RESULT(ReadInitExpr(i));
+    CHECK_RESULT(ReadI32InitExpr(i));
     CALLBACK(EndDataSegmentInitExpr, i);
 
     Address data_size;