Fix Leb128 parsing of WasmLoader. #3
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nneonneo
added a commit
to nneonneo/ghidra-wasm-plugin
that referenced
this pull request
Sep 27, 2021
This was inspired by garrettgu10#3, where it was discovered that the Leb128 parser may fail to parse redundantly-encoded numbers correctly. Although that may have been fixed by the recent changes to Leb128.java, the more pragmatic approach is simply to use the more battle-tested LEB128 class instead.
cmorin6
pushed a commit
to cmorin6/ghidra-wasm-plugin
that referenced
this pull request
Oct 8, 2021
If a function uses the C stack, the first instruction always seems to be a global.get with the C stack pointer global variable. Therefore, we guess the C stack global by looking for the global that appears most frequently in an initial global.get. Fixes garrettgu10#3.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I encountered some wasm files that weren't loading properly due to Leb128 parsing.
The current implementation tries parsing the vale from an array of 5 bytes then compute and consume the expected byte size from the reader. The issue came from Leb128 values that where padded with null bytes (probably as some anti-reversing technique) causing the parsing size and consumed size to differ, leading to a misaligned parsing of the following structures and a failure to load the wasm file.
Example:
e2 81 80 80 00ande2 01are both "valid" representation of the value 226 in LEB128I opted to reuse the LEB128 utility already present in Ghidra for the Dwarf parsing that didn't suffer from this issue.