Clear code security alarms

Issue: https://gitee.com/openharmony/arkcompiler_ets_runtime/issues/IAHX6K Signed-off-by: hlm2001 <huanglimin10@huawei.com> Change-Id: I29c8c3a367872efc41a5b3c7e3c902d1a2ecdc96
2024-11-27 04:00:37 +00:00 · 2024-08-05 16:12:28 +08:00 · 2024-08-05 16:12:28 +08:00 · 820b0116f0
commit 820b0116f0
parent cbd9d4b9f4
12 changed files with 29 additions and 11 deletions
--- a/ecmascript/builtins/builtins_arraybuffer.cpp
+++ b/ecmascript/builtins/builtins_arraybuffer.cpp
@ -361,6 +361,7 @@ JSTaggedValue BuiltinsArrayBuffer::GetValueFromBuffer(JSThread *thread, JSTagged
 JSTaggedValue BuiltinsArrayBuffer::GetValueFromBuffer(JSThread *thread, uint32_t byteIndex, uint8_t *block,
                                                      DataViewType type, bool littleEndian)
 {
+    ASSERT(block != nullptr);
    switch (type) {
        case DataViewType::UINT8:
        case DataViewType::UINT8_CLAMPED: {
@ -515,6 +516,7 @@ T BuiltinsArrayBuffer::LittleEndianToBigEndian64Bit(T liValue)
 template<typename T, BuiltinsArrayBuffer::NumberSize size>
 JSTaggedValue BuiltinsArrayBuffer::GetValueFromBufferForInteger(uint8_t *block, uint32_t byteIndex, bool littleEndian)
 {
+    ASSERT(block != nullptr);
    ASSERT_PRINT(std::is_integral_v<T>, "T must be integral");
    ASSERT_PRINT(sizeof(T) == size, "Invalid number size");
    ASSERT_PRINT(sizeof(T) >= sizeof(uint16_t), "T must have a size more than uint8");
@ -539,6 +541,7 @@ JSTaggedValue BuiltinsArrayBuffer::GetValueFromBufferForInteger(uint8_t *block,
 template<typename T, typename UnionType, BuiltinsArrayBuffer::NumberSize size>
 JSTaggedValue BuiltinsArrayBuffer::GetValueFromBufferForFloat(uint8_t *block, uint32_t byteIndex, bool littleEndian)
 {
+    ASSERT(block != nullptr);
    ASSERT_PRINT((std::is_same_v<T, float> || std::is_same_v<T, double>), "T must be correct type");
    ASSERT_PRINT(sizeof(T) == size, "Invalid number size");

@ -582,6 +585,7 @@ template<typename T, BuiltinsArrayBuffer::NumberSize size>
 JSTaggedValue BuiltinsArrayBuffer::GetValueFromBufferForBigInt(JSThread *thread, uint8_t *block,
                                                               uint32_t byteIndex, bool littleEndian)
 {
+    ASSERT(block != nullptr);
    ASSERT_PRINT((std::is_same_v<T, uint64_t> || std::is_same_v<T, int64_t>), "T must be uint64_t/int64_t");
    auto pTmp = *reinterpret_cast<uint64_t *>(block + byteIndex);
    if (!littleEndian) {
--- a/ecmascript/ecma_context.cpp
+++ b/ecmascript/ecma_context.cpp
@ -75,10 +75,6 @@ EcmaContext *EcmaContext::Create(JSThread *thread)
 {
    LOG_ECMA(INFO) << "EcmaContext::Create";
    auto context = new EcmaContext(thread);
-    if (UNLIKELY(context == nullptr)) {
-        LOG_ECMA(ERROR) << "Failed to create ecma context";
-        return nullptr;
-    }
    return context;
 }

@ -1024,7 +1020,7 @@ size_t EcmaContext::IterateHandle(const RootRangeVisitor &rangeVisitor)
 uintptr_t *EcmaContext::ExpandHandleStorage()
 {
    uintptr_t *result = nullptr;
-    int32_t lastIndex = static_cast<int32_t>(handleStorageNodes_.size() - 1);
+    int32_t lastIndex = static_cast<int32_t>(handleStorageNodes_.size()) - 1;
    if (currentHandleStorageIndex_ == lastIndex) {
        auto n = new std::array<JSTaggedType, NODE_BLOCK_SIZE>();
        handleStorageNodes_.push_back(n);
@ -1044,7 +1040,7 @@ uintptr_t *EcmaContext::ExpandHandleStorage()
 void EcmaContext::ShrinkHandleStorage(int prevIndex)
 {
    currentHandleStorageIndex_ = prevIndex;
-    int32_t lastIndex = static_cast<int32_t>(handleStorageNodes_.size() - 1);
+    int32_t lastIndex = static_cast<int32_t>(handleStorageNodes_.size()) - 1;
 #if ECMASCRIPT_ENABLE_ZAP_MEM
    uintptr_t size = ToUintPtr(handleScopeStorageEnd_) - ToUintPtr(handleScopeStorageNext_);
    if (currentHandleStorageIndex_ != -1) {
@ -1076,7 +1072,7 @@ void EcmaContext::ShrinkHandleStorage(int prevIndex)
 uintptr_t *EcmaContext::ExpandPrimitiveStorage()
 {
    uintptr_t *result = nullptr;
-    int32_t lastIndex = static_cast<int32_t>(primitiveStorageNodes_.size() - 1);
+    int32_t lastIndex = static_cast<int32_t>(primitiveStorageNodes_.size()) - 1;
    if (currentPrimitiveStorageIndex_ == lastIndex) {
        auto n = new std::array<JSTaggedType, NODE_BLOCK_SIZE>();
        primitiveStorageNodes_.push_back(n);
@ -1096,7 +1092,7 @@ uintptr_t *EcmaContext::ExpandPrimitiveStorage()
 void EcmaContext::ShrinkPrimitiveStorage(int prevIndex)
 {
    currentPrimitiveStorageIndex_ = prevIndex;
-    int32_t lastIndex = static_cast<int32_t>(primitiveStorageNodes_.size() - 1);
+    int32_t lastIndex = static_cast<int32_t>(primitiveStorageNodes_.size()) - 1;
 #if ECMASCRIPT_ENABLE_ZAP_MEM
    uintptr_t size = ToUintPtr(primitiveScopeStorageEnd_) - ToUintPtr(primitiveScopeStorageNext_);
    if (currentPrimitiveStorageIndex_ != -1) {
--- a/ecmascript/js_bigint.cpp
+++ b/ecmascript/js_bigint.cpp
@ -897,6 +897,7 @@ void BigInt::RightShift(JSHandle<BigInt> bigint, JSHandle<BigInt> x, uint32_t di
        }
    } else {
        uint32_t carry = x->GetDigit(digitMove) >> bitsMove;
+        ASSERT(size > digitMove);
        uint32_t last = size - digitMove - 1;
        for (uint32_t i = 0; i < last; i++) {
            uint32_t value = x->GetDigit(i + digitMove + 1);
@ -1612,6 +1613,7 @@ JSTaggedNumber BigInt::BigIntToNumber(JSHandle<BigInt> bigint)
        return JSTaggedNumber(0);
    }
    uint32_t bigintLen = bigint->GetLength();
+    ASSERT(bigintLen > 0);
    uint32_t BigintHead = bigint->GetDigit(bigintLen - 1);
    uint32_t leadingZeros = base::CountLeadingZeros(BigintHead);
    int bigintBitLen = static_cast<int>(bigintLen * BigInt::DATEBITS - leadingZeros);
--- a/ecmascript/js_date.cpp
+++ b/ecmascript/js_date.cpp
@ -613,6 +613,7 @@ CString JSDate::StrToTargetLength(const CString &str, int length)
    CString sub;
    if (str[0] == NEG) {
        sub.reserve(length + 1);
+        ASSERT(str.length() > 0);
        len = static_cast<int>(str.length() - 1);
        sub += NEG;
    } else {
--- a/ecmascript/js_hclass.h
+++ b/ecmascript/js_hclass.h
@ -1864,6 +1864,7 @@ public:

    inline uint32_t LastPropIndex() const
    {
+        ASSERT(NumberOfProps() > 0);
        return NumberOfProps() - 1;
    }

--- a/ecmascript/jspandafile/program_object.cpp
+++ b/ecmascript/jspandafile/program_object.cpp
@ -138,6 +138,9 @@ void ConstantPool::MergeObjectLiteralHClassCache(EcmaVM *vm, const JSHandle<JSTa
        return;
    }
    auto aotHCInfoArray = TaggedArray::Cast(aotHCInfo);
+    if (aotHCInfoArray->GetLength() <= 0) {
+        return;
+    }
    auto last = aotHCInfoArray->Get(aotHCInfoArray->GetLength() - 1);
    if (!last.IsTaggedArray()) {
        return;
--- a/ecmascript/method.cpp
+++ b/ecmascript/method.cpp
@ -65,6 +65,7 @@ MethodLiteral *Method::GetMethodLiteral() const
    if (IsAotWithCallField() || IsDeoptimized()) {
        ASSERT(!IsNativeWithCallField());
        const JSPandaFile *jsPandaFile = GetJSPandaFile();
+        ASSERT(jsPandaFile != nullptr);
        return jsPandaFile->FindMethodLiteral(GetMethodId().GetOffset());
    }
    return reinterpret_cast<MethodLiteral *>(GetCodeEntryOrLiteral());
@ -79,6 +80,7 @@ uint32_t Method::FindCatchBlock(uint32_t pc) const
 {
    ASSERT(!IsNativeWithCallField());
    auto *pandaFile = GetJSPandaFile()->GetPandaFile();
+    ASSERT(pandaFile != nullptr);
    panda_file::MethodDataAccessor mda(*pandaFile, GetMethodId());
    panda_file::CodeDataAccessor cda(*pandaFile, mda.GetCodeId().value());

@ -98,6 +100,7 @@ uint32_t Method::FindCatchBlock(uint32_t pc) const
 bool Method::HasCatchBlock() const
 {
    auto *pandaFile = GetJSPandaFile()->GetPandaFile();
+    ASSERT(pandaFile != nullptr);
    panda_file::MethodDataAccessor mda(*pandaFile, GetMethodId());
    panda_file::CodeDataAccessor cda(*pandaFile, mda.GetCodeId().value());
    return cda.GetTriesSize() != 0;
--- a/ecmascript/module/module_path_helper.cpp
+++ b/ecmascript/module/module_path_helper.cpp
@ -252,9 +252,10 @@ CString ModulePathHelper::TransformToNormalizedOhmUrl(EcmaVM *vm, const CString
    size_t pathPos = oldEntryPoint.find(PathHelper::SLASH_TAG, pos + 1);
    LOG_ECMA(DEBUG) << "TransformToNormalizedOhmUrl inputFileName: " << inputFileName << " oldEntryPoint: " <<
        oldEntryPoint;
-    if (pos == CString::npos && pathPos == CString::npos) {
-        LOG_FULL(ERROR) << "TransformToNormalizedOhmUrl Invalid Ohmurl, please check.";
-        return oldEntryPoint;
+    if (pos == CString::npos || pathPos == CString::npos) {
+        CString errorMsg = "TransformToNormalizedOhmUrl Invalid Ohmurl: " + oldEntryPoint + ", please check.";
+        THROW_NEW_ERROR_WITH_MSG_AND_RETURN_VALUE(vm->GetJSThread(), ErrorType::SYNTAX_ERROR, errorMsg.c_str(),
+            oldEntryPoint);
    }
    CString path = oldEntryPoint.substr(pathPos);
    CString moduleName = oldEntryPoint.substr(pos + 1, pathPos - pos - 1);
--- a/ecmascript/regexp/regexp_executor.cpp
+++ b/ecmascript/regexp/regexp_executor.cpp
@ -140,6 +140,7 @@ bool RegExpExecutor::ExecuteInternal(const DynChunk &byteCode, uint32_t pcEnd)
                break;
            }
            case RegExpOpCode::OP_MATCH: {
+                ASSERT(stateStackLen_ > 0);
                // jump to match ahead
                uint32_t ahead = stateStackLen_ - 1;
                auto stateStack = reinterpret_cast<RegExpState *>(stateStack_);
@ -189,6 +190,7 @@ bool RegExpExecutor::ExecuteInternal(const DynChunk &byteCode, uint32_t pcEnd)
                if (stateStackLen_ > 0 && PeekRegExpState()->type_ == StateType::STATE_PUSH) {
                    DropRegExpState();
                } else {
+                    ASSERT(currentStack_ > 0);
                    PushRegExpState(StateType::STATE_POP, 0, stack_[currentStack_ - 1]);
                }
                if (PopStack() != reinterpret_cast<uintptr_t>(GetCurrentPtr())) {
@ -206,6 +208,7 @@ bool RegExpExecutor::ExecuteInternal(const DynChunk &byteCode, uint32_t pcEnd)
                break;
            }
            case RegExpOpCode::OP_POP: {
+                ASSERT(currentStack_ > 0);
                PushRegExpState(StateType::STATE_POP, 0, stack_[currentStack_ - 1]);
                PopStack();
                Advance(opCode);
--- a/ecmascript/regexp/regexp_parser.cpp
+++ b/ecmascript/regexp/regexp_parser.cpp
@ -202,6 +202,7 @@ void RegExpParser::ParseDisjunction(bool isBackward)
                    buffer_.PutU8(ptr, RegExpOpCode::OP_SPARSE);
                    buffer_.PutU16(ptr + 1, cnt);
                    ptr += SPARSE_HEAD_OFFSET;
+                    ASSERT(chars.size() > 0);
                    for (int32_t i = static_cast<int32_t>(chars.size() - 1); i >= 0; i--) {
                        buffer_.PutU16(ptr, chars[i]);
                        // 2: cnt = count of splits + 1, for invert index should be extra - 1, so -1-1=-2
--- a/ecmascript/stubs/runtime_stubs-inl.h
+++ b/ecmascript/stubs/runtime_stubs-inl.h
@ -1052,6 +1052,7 @@ JSTaggedValue RuntimeStubs::RuntimeCreateSharedClass(JSThread *thread,
    RETURN_EXCEPTION_IF_ABRUPT_COMPLETION(thread);

    uint32_t arrayLength = fieldTypeArray->GetLength();
+    ASSERT(arrayLength > 0);
    auto instanceFieldNums = static_cast<uint32_t>(fieldTypeArray->Get(arrayLength - 1).GetInt());
    // Don't trim array, because define class maybe called on muilt-time in the same vm or diferrent vm
    uint32_t instanceLength = instanceFieldNums * 2;  // 2: key and value
--- a/ecmascript/tagged_hash_array.cpp
+++ b/ecmascript/tagged_hash_array.cpp
@ -39,6 +39,7 @@ void TaggedHashArray::Clear(JSThread *thread)
 JSTaggedValue TaggedHashArray::GetNode(JSThread *thread, int hash, JSTaggedValue key)
 {
    uint32_t nodeLength = GetLength();
+    ASSERT(nodeLength > 0);
    JSTaggedValue nodeValue = Get(((nodeLength - 1) & hash));
    JSTaggedValue hashValue = JSTaggedValue(hash);
    if (nodeValue.IsHole()) {
@ -174,6 +175,7 @@ JSTaggedValue TaggedHashArray::SetVal(JSThread *thread, JSHandle<TaggedHashArray
                                      JSHandle<JSTaggedValue> key, JSHandle<JSTaggedValue> value)
 {
    uint32_t length = table->GetLength();
+    ASSERT(length > 0);
    uint32_t index = (length - 1) & hash;
    JSHandle<JSTaggedValue> node(thread, table->Get(index));
    if (node->IsHole()) {