[wasm-gc] Reserve space before decoding types

We need this because read_heap_type uses the type vector capacity as out-of-bounds limit. Bug: chromium:1314496, v8:7748 Change-Id: Id76c8a143c32b20b24356f361d554cb212576c09 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3578654Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79882}

[wasm-gc] Reserve space before decoding types
We need this because read_heap_type uses the type vector capacity as out-of-bounds limit. Bug: chromium:1314496, v8:7748 Change-Id: Id76c8a143c32b20b24356f361d554cb212576c09 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3578654Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#79882}
5fbea96a · Manos Koukoutos · V8 LUCI CQ · b46a3acc · 5fbea96a
Commit 5fbea96a authored Apr 08, 2022 by Manos Koukoutos Committed by V8 LUCI CQ Apr 08, 2022
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 0 deletions

module-decoder.cc src/wasm/module-decoder.cc +1 -0

No files found.
--- a/src/wasm/module-decoder.cc
+++ b/src/wasm/module-decoder.cc
@@ -675,6 +675,7 @@ class ModuleDecoderImpl : public Decoder {

    // Non wasm-gc type section decoding.
    if (!enabled_features_.has_gc()) {
+      module_->types.reserve(types_count);
      for (uint32_t i = 0; i < types_count; ++i) {
        TRACE("DecodeSignature[%d] module+%d\n", i,
              static_cast<int>(pc_ - start_));