RESOLVED DUPLICATE of bug 166448166475
WebAssembly: parseVarUInt1 should take a uint32_t not a uint8_t 
https://bugs.webkit.org/show_bug.cgi?id=166475
Summary WebAssembly: parseVarUInt1 should take a uint32_t not a uint8_t
Saam Barati
Reported 2016-12-24 11:50:53 PST
We're loosing the top 3 bytes here, and that's bad. We loose them because we do static_cast<uint32_t>(uint8_t). This is bad if say I parseVarUint1 and expect the result to be zero. Right now, if somebody passed in: 0xffffff00 We'd think it's zero because of how we drop the top 3 bytes. That's clearly wrong.
Attachments
Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2016-12-24 11:51:05 PST
<rdar://problem/29803564>
Saam Barati
Comment 2 2016-12-24 13:52:33 PST
The bug is actually here: ``` 232 template<typename SuccessType> 233 ALWAYS_INLINE bool Parser<SuccessType>::parseVarUInt1(uint8_t& result) 234 { 235 uint32_t temp; 236 if (!parseVarUInt32(temp)) 237 return false; 238 result = static_cast<uint8_t>(temp); 239 return temp <= 1; 240 } ``` We should check the value before the cast! I'll just fix this as part of: https://bugs.webkit.org/show_bug.cgi?id=166448
Saam Barati
Comment 3 2016-12-24 13:52:42 PST
*** This bug has been marked as a duplicate of bug 166448 ***
Note You need to log in before you can comment on or make changes to this bug.