[wasm-simd] Error out if simd opcode is invalid

Bug: chromium:1071711 Bug: v8:10258 Change-Id: Id19add0c7e77ee3b834ff47274b9986cc2aa1f69 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2154767Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#67216}

[wasm-simd] Error out if simd opcode is invalid
Bug: chromium:1071711 Bug: v8:10258 Change-Id: Id19add0c7e77ee3b834ff47274b9986cc2aa1f69 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2154767Reviewed-by: Clemens Backes <clemensb@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#67216}
8c8ff95a · Ng Zhi An · Commit Bot · 3cef77bc · 8c8ff95a
Commit 8c8ff95a authored Apr 17, 2020 by Ng Zhi An Committed by Commit Bot Apr 17, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

decoder.h src/wasm/decoder.h +3 -1

No files found.
--- a/src/wasm/decoder.h
+++ b/src/wasm/decoder.h
@@ -144,7 +144,9 @@ class Decoder {
      index = read_u32v<validate>(pc + 1, length, "prefixed opcode index");
      // Only support SIMD opcodes that go up to 0xFF (when decoded). Anything
      // bigger will need 1 more byte, and the '<< 8' below will be wrong.
-      DCHECK_LE(index, 0xff);
+      if (validate && V8_UNLIKELY(index > 0xff)) {
+        errorf(pc, "Invalid SIMD opcode %d", index);
+      }
    } else {
      index = *(pc + 1);
      *length = 1;