Merge #432

432: feat(runtime-c-api) Check buffer size before creating the slice r=Hywan a=Hywan It's safer to check the buffer size is large enough to hold the error message before creating the slice from raw parts. Also, this patch remove the need for `last_error`, simplifying the code a little bit. The `length` variable is casted to `usize` once. This patch also updates the returned value of `wasmer_last_error_message` by adding 1, so that it mimics the `wasmer_last_error_length` function that counts the trailing null byte. Co-authored-by: Ivan Enderlin <[email protected]>
wasmerio · May 13, 2019 · ffca1d6 · ffca1d6
2 parents b222731 + 8c8586f
commit ffca1d6
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 9 deletions.
diff --git a/lib/runtime-c-api/src/error.rs b/lib/runtime-c-api/src/error.rs
@@ -61,20 +61,20 @@ pub unsafe extern "C" fn wasmer_last_error_message(buffer: *mut c_char, length:
         return -1;
     }
 
-    let last_error = match take_last_error() {
-        Some(err) => err,
+    let error_message = match take_last_error() {
+        Some(err) => err.to_string(),
         None => return 0,
     };
 
-    let error_message = last_error.to_string();
+    let length = length as usize;
 
-    let buffer = slice::from_raw_parts_mut(buffer as *mut u8, length as usize);
-
-    if error_message.len() >= buffer.len() {
-        // buffer to small for err  message
+    if error_message.len() >= length {
+        // buffer is too small to hold the error message
         return -1;
     }
 
+    let buffer = slice::from_raw_parts_mut(buffer as *mut u8, length);
+
     ptr::copy_nonoverlapping(
         error_message.as_ptr(),
         buffer.as_mut_ptr(),
@@ -85,7 +85,7 @@ pub unsafe extern "C" fn wasmer_last_error_message(buffer: *mut c_char, length:
     // accidentally read into garbage.
     buffer[error_message.len()] = 0;
 
-    error_message.len() as c_int
+    error_message.len() as c_int + 1
 }
 
 #[derive(Debug)]

diff --git a/lib/runtime-c-api/tests/test-instantiate.c b/lib/runtime-c-api/tests/test-instantiate.c
@@ -46,7 +46,8 @@ int main()
     int error_len = wasmer_last_error_length();
     printf("Error len: `%d`\n", error_len);
     char *error_str = malloc(error_len);
-    wasmer_last_error_message(error_str, error_len);
+    int error_result = wasmer_last_error_message(error_str, error_len);
+    assert(error_len == error_result);
     printf("Error str: `%s`\n", error_str);
     assert(0 == strcmp(error_str, "Call error: Parameters of type [I32] did not match signature [I32, I32] -> [I32]"));
     free(error_str);