wasm-decompile: Assertion `!empty()' failure causes DoS

Open goldds96 opened this issue 2 years ago • 1 comments

Environments

  • OS: Ubuntu 18.04 5.4.0-150-generic
  • Commit: e97d53c5fcbb604fc36432df4fc117d13558d7fd
  • Version: 1.0.34

Vulnerability Description

  • Affected Tool: wasm-decompile
  • Affected Version: <= 1.0.34
  • Impact: Denial of Service

  • The assertion '!empty()' failure in /include/wabt/intrusive-list.h in wabt 1.0.34 can cause a denial of service (assertion failure) via a crafted wasm file.

PoC

1. Input File

wasm-decompile-DOS-poc01.zip

2. Reproduce

$ ~/wabt/bin/wasm-decompile wasm-decompile-DOS-poc01

3. Stack Trace

$ ~/wabt/bin/wasm-decompile wasm-decompile-DOS-poc01
wasm-decompile: ../../../../include/wabt/intrusive-list.h:394: typename intrusive_list<T>::const_reference wabt::intrusive_list<wabt::Expr>::front() const [T = wabt::Expr]: Assertion `!empty()' failed.
Aborted

goldds96, Oct 29 '23 14:10
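
For triaging crashes like the one reported above, here is an added example (not part of the original issue and not wabt code) that tells a glibc assertion abort apart from a clean rejection and buckets it by file, line and expression. `parse_assert`, `triage` and `stub_cmd` are hypothetical helper names, and the stub command is a constructed stand-in for the real tool so the example runs offline.

```python
import re
import signal
import subprocess
import sys

# glibc assert() format: "prog: file:line: function: Assertion `expr' failed."
ASSERT_RE = re.compile(
    r"^(?P<prog>[^:\s]+): (?P<file>.+?):(?P<line>\d+): (?P<func>.*): "
    r"Assertion `(?P<expr>.*)' failed\.$"
)

# The assertion line from the stack trace in the report above.
REPORTED = (
    "wasm-decompile: ../../../../include/wabt/intrusive-list.h:394: "
    "typename intrusive_list<T>::const_reference "
    "wabt::intrusive_list<wabt::Expr>::front() const [T = wabt::Expr]: "
    "Assertion `!empty()' failed."
)


def parse_assert(stderr_text):
    """Return (file, line, expr) for the first glibc assertion line, else None."""
    for line in stderr_text.splitlines():
        m = ASSERT_RE.match(line.strip())
        if m:
            return (m["file"], int(m["line"]), m["expr"])
    return None


def triage(cmd, timeout=10):
    """Run cmd and classify the outcome: ok, rejected, abort, signal or timeout."""
    try:
        p = subprocess.run(cmd, capture_output=True, text=True, timeout=timeout)
    except subprocess.TimeoutExpired:
        return ("timeout", None)
    if p.returncode == 0:
        return ("ok", None)
    if p.returncode == -signal.SIGABRT:  # killed by abort(), e.g. a failed assert
        return ("abort", parse_assert(p.stderr))
    if p.returncode < 0:
        return ("signal", -p.returncode)
    return ("rejected", None)  # clean non-zero exit: input refused, no crash


def stub_cmd(stderr_line):
    """Constructed stand-in for the tool: prints stderr_line, then aborts."""
    code = "import os, sys; sys.stderr.write(sys.argv[1] + '\\n'); sys.stderr.flush(); os.abort()"
    return [sys.executable, "-c", code, stderr_line]
```

The (file, line, expr) tuple works as a de-duplication key when many inputs hit the same assertion; a "rejected" result is the outcome a parser should produce for malformed input.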

wasm-decompile doesn't currently have a maintainer, or anyone who works on it. If you would like to send a PR, please do.

sbc100, Dec 08 '25 17:12