Merge pull request #8344 from EOSIO/fixes

Consolidated Security Fixes for 2.0.x

libraries/chain/webassembly/eos-vm-oc/compile_trampoline.cpp

@@ -91,6 +91,9 @@ void run_compile(wrapped_fd&& response_sock, wrapped_fd&& wasm_code) noexcept {
    for(const TableSegment& table_segment : module.tableSegments) {
       struct table_entry* table_index_0 = (struct table_entry*)&*prologue_it;
 
+      if(table_segment.baseOffset.i32 > module.tables.defs[0].type.size.min)
+         return;
+
       for(Uptr i = 0; i < table_segment.indices.size(); ++i) {
          const Uptr function_index = table_segment.indices[i];
          const long int effective_table_index = table_segment.baseOffset.i32 + i;

libraries/chain/webassembly/eos-vm.cpp

@@ -55,16 +55,8 @@ class eos_vm_instantiated_module : public wasm_instantiated_module_interface {
       void apply(apply_context& context) override {
          _instantiated_module->set_wasm_allocator(&context.control.get_wasm_allocator());
          _runtime->_bkend = _instantiated_module.get();
-         _runtime->_bkend->initialize(&context);
-         // clamp WASM memory to maximum_linear_memory/wasm_page_size
-         auto& module = _runtime->_bkend->get_module();
-         if (module.memories.size() && 
-               ((module.memories.at(0).limits.maximum > wasm_constraints::maximum_linear_memory / wasm_constraints::wasm_page_size) 
-               || !module.memories.at(0).limits.flags)) {
-            module.memories.at(0).limits.flags = true;
-            module.memories.at(0).limits.maximum = wasm_constraints::maximum_linear_memory / wasm_constraints::wasm_page_size;
-         }
          auto fn = [&]() {
+            _runtime->_bkend->initialize(&context);
             const auto& res = _runtime->_bkend->call(
                 &context, "env", "apply", context.get_receiver().to_uint64_t(),
                 context.get_action().account.to_uint64_t(),