Index: llvm/trunk/lib/Object/WasmObjectFile.cpp =================================================================== --- llvm/trunk/lib/Object/WasmObjectFile.cpp +++ llvm/trunk/lib/Object/WasmObjectFile.cpp @@ -112,19 +112,22 @@ static uint8_t readVaruint1(const uint8_t *&Ptr) { int64_t result = readLEB128(Ptr); - assert(result <= VARUINT1_MAX && result >= 0); + if (result > VARUINT1_MAX || result < 0) + report_fatal_error("LEB is outside Varuint1 range"); return result; } static int32_t readVarint32(const uint8_t *&Ptr) { int64_t result = readLEB128(Ptr); - assert(result <= INT32_MAX && result >= INT32_MIN); + if (result > INT32_MAX || result < INT32_MIN) + report_fatal_error("LEB is outside Varint32 range"); return result; } static uint32_t readVaruint32(const uint8_t *&Ptr) { uint64_t result = readULEB128(Ptr); - assert(result <= UINT32_MAX); + if (result > UINT32_MAX) + report_fatal_error("LEB is outside Varuint32 range"); return result; } @@ -955,6 +958,9 @@ if (Error Err = readInitExpr(Segment.Data.Offset, Ptr)) return Err; uint32_t Size = readVaruint32(Ptr); + if (Size > End - Ptr) + return make_error("Invalid segment size", + object_error::parse_failed); Segment.Data.Content = ArrayRef(Ptr, Size); // The rest of these Data fields are set later, when reading in the linking // metadata section.