spec icon indicating copy to clipboard operation
spec copied to clipboard
verified publisher icon WebAssembly

[js-api] Memory and table allocation pre-conditions not validated

Open bvisness opened this issue 1 year ago • 3 comments

The mem_alloc and table_alloc operations in the wasm embedding spec have pre-conditions asserting that the memory and table types are valid. The JS API spec does not actually ensure that these pre-conditions are met, which means that it is not clear which kind of error should be thrown if the type is invalid.

For example, mem_alloc has a pre-condition that the memtype is valid, which means that the limits must be valid within range 2^16. The JS API definition for Memory(descriptor) asserts that initial <= maximum, but not that initial <= 2^16 and maximum <= 2^16. What type of error should be thrown if the given memory type is invalid?

(table_alloc technically has the same problem, although EnforceRange makes it impossible to express an out-of-bounds size.)

bvisness avatar Aug 23 '24 21:08 bvisness

Thanks for pointing this out. Have you tested what browsers do?

Ms2ger avatar Aug 26 '24 09:08 Ms2ger

Chrome, Firefox, and Safari all seem to throw RangeError, so I guess the best course of action would just be to add a line explicitly stating this in the JS API spec. I should be able to make a PR for this fairly easily in the next few days.

bvisness avatar Aug 26 '24 14:08 bvisness

Thanks!

Ms2ger avatar Aug 26 '24 15:08 Ms2ger