workerd icon indicating copy to clipboard operation
workerd copied to clipboard
verified publisher icon cloudflare

COMPILED_MAGIC_SUFFIX check from memcmp equals 0 -> arrayPtr equality

Open tewaro opened this issue 1 year ago • 4 comments

This change follows the pattern of other safety changes to use ArrayPtr equality rather than memcmp == 0, which has bounds checking.

This PR also adds a test that compiled binaries run correctly using sh_test.

tewaro avatar Jun 24 '24 17:06 tewaro

What's the rationale for this change? Is it better memory safety?

The rationale is that ArrayPtr does bounds checking on the pointers that are passed into it.

Also how did you test this? Do we have any tests for this code path in CI?

This is tested by anything that calls into the cli main, I basically tried combinations that I thought would be wrong and most cases caused about 70 tests to fail. Happy to send any info you would like to see before merging this. I'm also happy to find out how to write an explicit test to make sure this behavior is correct.

tewaro avatar Jun 28 '24 19:06 tewaro

I suspect there is not an explicit test for this functionality. The thing you need to test is using the workerd compile command to create a self-contained binary, then run that binary.

(Yes, it's possible to make other tests fail by making the comparison succeed spuriously, since that will engage the self-contained binary mode when it's not intended.)

kentonv avatar Jun 28 '24 20:06 kentonv

Does this mean that we want to create a new test for this?

tewaro avatar Jul 05 '24 22:07 tewaro

It would be nice to have a test, yes. You could test this using a shell test pretty easily, I think.

kentonv avatar Jul 07 '24 21:07 kentonv