wabt icon indicating copy to clipboard operation
wabt copied to clipboard

Published 20 hours ago verified publisher icon WebAssembly

wasm-decompile: Assertion `false' failed.

Open goldds96 opened this issue 2 years ago • 1 comments

Environments

OS : Ubuntu 18.04 5.4.0-150-generic Commit : e97d53c5fcbb604fc36432df4fc117d13558d7fd Version : 1.0.34

Vulnerability Description

Affected Tool : wasm-decompile Affected Version : <= 1.0.34 Impact : Denial of Service

  • The assertion 'false' in /src/decompiler.cc:414( in wabt 1.0.34 can cause a denial of service(assertion failure) via a crafted wasm file.
case NodeType::Uninitialized:
   assert(false);
   break;

PoC

1. Input File

wasm-decompile-PoC.zip

2. Reproduce

$ ~/wabt/bin/wasm-decompile wasm-decompile-PoC

3. Stack Trace

$ ~/wabt/bin/wasm-decompile wasm-decompile-PoC
wasm-decompile: ../../../../src/decompiler.cc:414: wabt::Decompiler::Value wabt::Decompiler::DecompileExpr(const wabt::Node &, const wabt::Node *): Assertion `false' failed.
Aborted

goldds96 avatar Nov 06 '23 05:11 goldds96

Sadly wasm-decompile is not actively maintained. If you would like to send PRs to fix these kind of issues they would most welcome. Otherwise I'm afraid they won't get much attention.

sbc100 avatar Nov 06 '23 05:11 sbc100