From eaeea8dbde10e5e0a1c65bfd093ae18398b400d0 Mon Sep 17 00:00:00 2001 From: Anthony Ramine Date: Thu, 1 Aug 2013 02:03:39 +0200 Subject: Forbid returning a match context in beam_validator If a match context is returned from a function without being converted back to a plain old binary, the whole VM will crash. --- lib/compiler/src/beam_validator.erl | 1 + lib/compiler/test/beam_validator_SUITE.erl | 9 +++++++-- .../test/beam_validator_SUITE_data/bad_bin_match.S | 15 +++++++++++++++ 3 files changed, 23 insertions(+), 2 deletions(-) create mode 100644 lib/compiler/test/beam_validator_SUITE_data/bad_bin_match.S diff --git a/lib/compiler/src/beam_validator.erl b/lib/compiler/src/beam_validator.erl index eb72290306..70279ab658 100644 --- a/lib/compiler/src/beam_validator.erl +++ b/lib/compiler/src/beam_validator.erl @@ -628,6 +628,7 @@ valfun_4({gc_bif,Op,{f,Fail},Live,Src,Dst}, #vst{current=St0}=Vst0) -> Type = bif_type(Op, Src, Vst), set_type_reg(Type, Dst, Vst); valfun_4(return, #vst{current=#st{numy=none}}=Vst) -> + assert_term({x,0}, Vst), kill_state(Vst); valfun_4(return, #vst{current=#st{numy=NumY}}) -> error({stack_frame,NumY}); diff --git a/lib/compiler/test/beam_validator_SUITE.erl b/lib/compiler/test/beam_validator_SUITE.erl index bc1a9e2b3b..626f89ba7a 100644 --- a/lib/compiler/test/beam_validator_SUITE.erl +++ b/lib/compiler/test/beam_validator_SUITE.erl @@ -28,7 +28,7 @@ overwrite_catchtag/1,overwrite_trytag/1,accessing_tags/1,bad_catch_try/1, cons_guard/1, freg_range/1,freg_uninit/1,freg_state/1, - bin_match/1,bin_aligned/1,bad_dsetel/1, + bin_match/1,bad_bin_match/1,bin_aligned/1,bad_dsetel/1, state_after_fault_in_catch/1,no_exception_in_catch/1, undef_label/1,illegal_instruction/1,failing_gc_guard_bif/1]). @@ -56,7 +56,7 @@ groups() -> unsafe_catch,dead_code,mult_labels, overwrite_catchtag,overwrite_trytag,accessing_tags, bad_catch_try,cons_guard,freg_range,freg_uninit, - freg_state,bin_match,bin_aligned,bad_dsetel, + freg_state,bin_match,bad_bin_match,bin_aligned,bad_dsetel, state_after_fault_in_catch,no_exception_in_catch, undef_label,illegal_instruction,failing_gc_guard_bif]}]. @@ -317,6 +317,11 @@ bin_match(Config) when is_list(Config) -> {{t,x,1},{{bs_restore,1},16,{no_save_point,1}}}] = Errors, ok. +bad_bin_match(Config) when is_list(Config) -> + [{{t,t,1},{return,5,{match_context,{x,0}}}}] = + do_val(bad_bin_match, Config), + ok. + bin_aligned(Config) when is_list(Config) -> Errors = do_val(bin_aligned, Config), ?line diff --git a/lib/compiler/test/beam_validator_SUITE_data/bad_bin_match.S b/lib/compiler/test/beam_validator_SUITE_data/bad_bin_match.S new file mode 100644 index 0000000000..a60ca1e89a --- /dev/null +++ b/lib/compiler/test/beam_validator_SUITE_data/bad_bin_match.S @@ -0,0 +1,15 @@ +{module, bad_bin_match}. %% version = 0 + +{exports, [{t,1}]}. + +{attributes, []}. + +{labels, 3}. + + +{function, t, 1, 2}. + {label,1}. + {func_info,{atom,t},{atom,t},1}. + {label,2}. + {test,bs_start_match2,{f,1},1,[{x,0},0],{x,0}}. + return. -- cgit v1.2.3