Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Potential UB of illegal String in source_url #1668

Open
shinmao opened this issue Dec 21, 2024 · 0 comments
Open

Potential UB of illegal String in source_url #1668

shinmao opened this issue Dec 21, 2024 · 0 comments

Comments

@shinmao
Copy link

shinmao commented Dec 21, 2024

Hi, I am wondering whether this code might create an illegal string, which contains any non-utf8 value.

rusty_v8/src/wasm.rs

Lines 158 to 164 in 6b12ea1

pub fn source_url(&self) -> &str {
let mut len = 0;
unsafe {
let ptr = v8__CompiledWasmModule__SourceUrl(self.0, &mut len);
let bytes = std::slice::from_raw_parts(ptr as _, len);
std::str::from_utf8_unchecked(bytes)
}

Based on the pointer passed by v8__CompiledWasmModule__SourceUrl

rusty_v8/src/binding.cc

Lines 3737 to 3741 in 6b12ea1

const char* v8__CompiledWasmModule__SourceUrl(v8::CompiledWasmModule* self,
size_t* length) {
const std::string& source_url = self->source_url();
*length = source_url.size();
return source_url.data();

As I know, string in C++ is not required to be utf8 only. Therefore, the function source_url might incorrectly assume that the string should also be legal in Rust.

refer to the documentation (https://v8.github.io/api/head/classv8_1_1CompiledWasmModule.html), there is also no guarantee of utf8 encoding in the definition.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant