Fix wasm loader check data segment count (#4039)

TianlongLiang · web-flow · commit b6dea221a609 · 2025-01-21T13:08:09.000+08:00
correctly report error when datacount section has non-zero data segment count while the data section is not present
diff --git a/core/iwasm/interpreter/wasm_loader.c b/core/iwasm/interpreter/wasm_loader.c
@@ -4713,6 +4713,21 @@ load_table_segment_section(const uint8 *buf, const uint8 *buf_end,
     return false;
 }
 
+#if WASM_ENABLE_BULK_MEMORY != 0
+static bool
+check_data_count_consistency(bool has_datacount_section, int datacount_len,
+                             int data_seg_len, char *error_buf,
+                             uint32 error_buf_size)
+{
+    if (has_datacount_section && datacount_len != data_seg_len) {
+        set_error_buf(error_buf, error_buf_size,
+                      "data count and data section have inconsistent lengths");
+        return false;
+    }
+    return true;
+}
+#endif
+
 static bool
 load_data_segment_section(const uint8 *buf, const uint8 *buf_end,
                           WASMModule *module,
@@ -4736,9 +4751,9 @@ load_data_segment_section(const uint8 *buf, const uint8 *buf_end,
     read_leb_uint32(p, p_end, data_seg_count);
 
 #if WASM_ENABLE_BULK_MEMORY != 0
-    if (has_datacount_section && data_seg_count != module->data_seg_count1) {
-        set_error_buf(error_buf, error_buf_size,
-                      "data count and data section have inconsistent lengths");
+    if (!check_data_count_consistency(has_datacount_section,
+                                      module->data_seg_count1, data_seg_count,
+                                      error_buf, error_buf_size)) {
         return false;
     }
 #endif
@@ -5926,6 +5941,14 @@ load_from_sections(WASMModule *module, WASMSection *sections,
         section = section->next;
     }
 
+#if WASM_ENABLE_BULK_MEMORY != 0
+    if (!check_data_count_consistency(
+            has_datacount_section, module->data_seg_count1,
+            module->data_seg_count, error_buf, error_buf_size)) {
+        return false;
+    }
+#endif
+
     module->aux_data_end_global_index = (uint32)-1;
     module->aux_heap_base_global_index = (uint32)-1;
     module->aux_stack_top_global_index = (uint32)-1;
diff --git a/core/iwasm/interpreter/wasm_mini_loader.c b/core/iwasm/interpreter/wasm_mini_loader.c
@@ -2734,6 +2734,11 @@ load_from_sections(WASMModule *module, WASMSection *sections,
         section = section->next;
     }
 
+#if WASM_ENABLE_BULK_MEMORY != 0
+    bh_assert(!has_datacount_section
+              || module->data_seg_count == module->data_seg_count1);
+#endif
+
     module->aux_data_end_global_index = (uint32)-1;
     module->aux_heap_base_global_index = (uint32)-1;
     module->aux_stack_top_global_index = (uint32)-1;
