Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix use-after-free in externref example #8410

Merged

Conversation

alexcrichton
Copy link
Member

This fixes a typo in the externref.c example where a deallocated wasmtime_val_t was used by accident. Additionally this introduces scoping to prevent this from arising again.

This fixes a typo in the `externref.c` example where a deallocated
`wasmtime_val_t` was used by accident. Additionally this introduces
scoping to prevent this from arising again.
@alexcrichton alexcrichton requested a review from a team as a code owner April 19, 2024 04:04
@alexcrichton alexcrichton requested review from fitzgen and removed request for a team April 19, 2024 04:04
assert(item.kind == WASMTIME_EXTERN_TABLE);

// Set `table[3]` to our `externref`.
wasmtime_val_t externref_val;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is now declared inside this block, but then reused in the other block and has wasmtime_val_delete called outside of the block. Can we move it up, out of this block then?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wait what how does this compile given this mistake...

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah the answer is that it doesn't...

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lol yeah I was wondering myself

@alexcrichton alexcrichton enabled auto-merge April 19, 2024 15:30
@alexcrichton alexcrichton added this pull request to the merge queue Apr 19, 2024
Merged via the queue into bytecodealliance:main with commit 81d7187 Apr 19, 2024
21 checks passed
@alexcrichton alexcrichton deleted the fix-externref-use-after-free branch April 19, 2024 16:05
alexcrichton added a commit to alexcrichton/wasmtime that referenced this pull request Apr 19, 2024
* Fix use-after-free in externref example

This fixes a typo in the `externref.c` example where a deallocated
`wasmtime_val_t` was used by accident. Additionally this introduces
scoping to prevent this from arising again.

* Run clang-format

* Fix compilation of C example
fitzgen pushed a commit that referenced this pull request Apr 19, 2024
* Fix use-after-free in externref example

This fixes a typo in the `externref.c` example where a deallocated
`wasmtime_val_t` was used by accident. Additionally this introduces
scoping to prevent this from arising again.

* Run clang-format

* Fix compilation of C example
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants