EH: fix validation of delegate opcode

[yamt]

cf. #1884 (comment)

[wenyongh]

Not sure whether it should be CHECK_BR(depth + 1)? Seems the target block to check is loader_ctx->frame_csp - depth - 2.
In check_branch_block, the code is:

wasm-micro-runtime/core/iwasm/interpreter/wasm_loader.c

Lines 7120 to 7121 in 3111a86

	CHECK_BR(depth);
	frame_csp_tmp = loader_ctx->frame_csp - depth - 1;

[yamt]

good point. i will check.

[yamt]

fixed.

[wenyongh]

Not sure whether the check is enough? The original code calls check_branch_block:
check_branch_block -> CHECK_BR -> wasm_loader_check_br
And in wasm_loader_check_br, there are more checks:

wasm-micro-runtime/core/iwasm/interpreter/wasm_loader.c

Lines 7058 to 7088 in 3111a86

	cur_block = loader_ctx->frame_csp - 1;
	target_block = loader_ctx->frame_csp - (depth + 1);
	target_block_type = &target_block->block_type;
	frame_ref = loader_ctx->frame_ref;
	/* Note: loop's arity is different from if and block. loop's arity is
	* its parameter count while if and block arity is result count.
	*/
	if (target_block->label_type == LABEL_TYPE_LOOP)
	arity = block_type_get_param_types(target_block_type, &types);
	else
	arity = block_type_get_result_types(target_block_type, &types);
	/* If the stack is in polymorphic state, just clear the stack
	* and then re-push the values to make the stack top values
	* match block type. */
	if (cur_block->is_stack_polymorphic) {
	for (i = (int32)arity - 1; i >= 0; i--) {
	#if WASM_ENABLE_FAST_INTERP != 0
	POP_OFFSET_TYPE(types[i]);
	#endif
	POP_TYPE(types[i]);
	}
	for (i = 0; i < (int32)arity; i++) {
	#if WASM_ENABLE_FAST_INTERP != 0
	bool disable_emit = true;
	int16 operand_offset = 0;
	PUSH_OFFSET_TYPE(types[i]);
	#endif
	PUSH_TYPE(types[i]);
	}

Is it better to use CHECK_BR(depth + 1)?

[yamt]

the most of checks in wasm_loader_check_br are not appropriate for delegate, where parameters are given via the exception, not stack.

[wenyongh]

OK, got it, thanks!