Add mask validation

Author: linear0211

core/iwasm/common/wasm_runtime_common.c

@@ -3834,13 +3834,19 @@ wasm_runtime_init_wasi(WASMModuleInstanceCommon *module_inst,
             goto fail;
         }
 
+        errno = 0;
         mask_val = strtol(mask, &endptr, 10);
 
-        if (*endptr != '\0') {
+        if (mask == endptr || *endptr != '\0') {
             snprintf(error_buf, error_buf_size,
                      "Invalid address pool entry: mask must be a number");
             goto fail;
         }
+        if (errno != 0 || mask_val < 0 || mask_val > 128) {
+            snprintf(error_buf, error_buf_size,
+                     "Init wasi environment failed: invalid mask number");
+            goto fail;
+        }
 
         ret = addr_pool_insert(apool, address, (uint8)mask_val);
         wasm_runtime_free(cp);

core/iwasm/libraries/libc-wasi/sandboxed-system-primitives/src/posix.c

@@ -3116,10 +3116,18 @@ addr_pool_insert(struct addr_pool *addr_pool, const char *addr, uint8 mask)
         next->type = IPv6;
         bh_memcpy_s(next->addr.ip6, sizeof(next->addr.ip6), target.ipv6,
                     sizeof(target.ipv6));
+        if (mask > 128) {
+            wasm_runtime_free(next);
+            return false;
+        }
     }
     else {
         next->type = IPv4;
         next->addr.ip4 = target.ipv4;
+        if (mask > 32) {
+            wasm_runtime_free(next);
+            return false;
+        }
     }
 
     /* attach with */