Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[crash/fuzzing] Resources exhaustion (CPU/MEM) using wasmprinter::print_bytes() #52

Closed
pventuzelo opened this issue Jul 15, 2020 · 2 comments · Fixed by #53
Closed

[crash/fuzzing] Resources exhaustion (CPU/MEM) using wasmprinter::print_bytes() #52

pventuzelo opened this issue Jul 15, 2020 · 2 comments · Fixed by #53

Comments

@pventuzelo
Copy link

During fuzzing of wasmprinter, I trigger a resources exhaustion bug leading to full CPU usage when parsing a crafted wasm module. The file is only 650 bytes in size.

Download: huge_cpu_usage_wasmprinter.zip

Repo:

use std::env;
use std::fs::File;
use std::io;
use std::io::Read;

/// Read the contents from file path
fn read_contents_from_path(path_str: &String) -> Result<Vec<u8>, io::Error> {
    let mut buffer: Vec<u8> = Vec::new();
    let file_path = std::path::PathBuf::from(path_str);

    println!("file_to_process: {:?}", file_path);

    let mut file = File::open(file_path)?;
    file.read_to_end(&mut buffer)?;
    drop(file);
    Ok(buffer)
}

fn main() {
    println!("Start debugging of wasmprinter_parser");
    let args: Vec<String> = env::args().collect();

    // verify file_to_process is provided
    if args.len() != 2 {
        println!("Usage: wasmprinter_parser <file_to_process>\n");
        return;
    }

    // read data from provided file
    let data = read_contents_from_path(&args[1]).expect("cannot read file content");

    // call the fuzzing target
    wasmprinter::print_bytes(&data).is_ok();

    println!("No crash, everything is OK\n");
}
@pventuzelo
Copy link
Author

Here is another one that trigger an error this time:

memory allocation of 4294967296 bytes failed[1]    12638 abort (core dumped)

Download: mem_alloc_failed_wasmprinter.zip

@alexcrichton alexcrichton mentioned this issue Jul 15, 2020
Merged
@alexcrichton
Copy link
Member

Thanks for the report! Turns out those are both the same issue, fixed by #53.

alexcrichton added a commit to alexcrichton/wasm-tools that referenced this issue Jul 15, 2020
@alexcrichton
wasmprinter: Limit the maximum number of locals
283197a 
Don't inflate a small file to gigabytes of `(local` declarations!

cc bytecodealliance#52
fitzgen pushed a commit to fitzgen/wasm-tools that referenced this issue Oct 21, 2020
@dependabot-preview
Update wasmparser requirement from 0.50 to 0.51 (bytecodealliance#52)
50945ad 
Updates the requirements on [wasmparser](https://github.com/bytecodealliance/wasmparser.rs) to permit the latest version.
- [Release notes](https://github.com/bytecodealliance/wasmparser.rs/releases)
- [Commits](https://github.com/bytecodealliance/wasmparser.rs/commits)

Signed-off-by: dependabot-preview[bot] <[email protected]>
frank-emrich added a commit to frank-emrich/wasm-tools that referenced this issue Aug 11, 2023
@frank-emrich
Merge pull request bytecodealliance#52 from frank-emrich/upstream-dev…
83ec1b6 
…-merge

Weekly upstream dev merge
dhil added a commit to dhil/wasm-tools that referenced this issue Jan 26, 2024
@dhil
Use upstream's CI (bytecodealliance#52)
115246e 
This patch removes the bespoke "WasmFX CI workflow" in favour of the using upstream's workflows. The only changes required to run upstream's workflows were to change a few strings, e.g. "bytecodealliance/wasm-tools" to "wasmfx/wasmfx-tools".
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

wasmprinter: Limit the maximum number of locals alexcrichton/wasm-tools
2 participants
@alexcrichton @pventuzelo