Validate raw code and mpy read length

This commit is contained in:
Scott Shawcroft 2019-06-25 17:54:27 -07:00
parent 77355cbb2f
commit 2494bfdc86
No known key found for this signature in database
GPG Key ID: 9349BC7E64B1921E
14 changed files with 83 additions and 25 deletions

View File

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: PACKAGE VERSION\n" "Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-25 16:50-0700\n" "POT-Creation-Date: 2019-06-25 17:53-0700\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
@ -464,6 +464,10 @@ msgstr ""
msgid "Corrupt .mpy file" msgid "Corrupt .mpy file"
msgstr "" msgstr ""
#: py/emitglue.c
msgid "Corrupt raw code"
msgstr ""
#: ports/nrf/common-hal/bleio/UUID.c #: ports/nrf/common-hal/bleio/UUID.c
#, c-format #, c-format
msgid "Could not decode ble_uuid, err 0x%04x" msgid "Could not decode ble_uuid, err 0x%04x"

View File

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: PACKAGE VERSION\n" "Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-25 16:50-0700\n" "POT-Creation-Date: 2019-06-25 17:53-0700\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
@ -454,6 +454,10 @@ msgstr ""
msgid "Corrupt .mpy file" msgid "Corrupt .mpy file"
msgstr "" msgstr ""
#: py/emitglue.c
msgid "Corrupt raw code"
msgstr ""
#: ports/nrf/common-hal/bleio/UUID.c #: ports/nrf/common-hal/bleio/UUID.c
#, c-format #, c-format
msgid "Could not decode ble_uuid, err 0x%04x" msgid "Could not decode ble_uuid, err 0x%04x"

View File

@ -7,7 +7,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: \n" "Project-Id-Version: \n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-25 16:50-0700\n" "POT-Creation-Date: 2019-06-25 17:53-0700\n"
"PO-Revision-Date: 2018-07-27 11:55-0700\n" "PO-Revision-Date: 2018-07-27 11:55-0700\n"
"Last-Translator: Pascal Deneaux\n" "Last-Translator: Pascal Deneaux\n"
"Language-Team: Sebastian Plamauer, Pascal Deneaux\n" "Language-Team: Sebastian Plamauer, Pascal Deneaux\n"
@ -458,6 +458,10 @@ msgstr "Der Befehl muss ein int zwischen 0 und 255 sein"
msgid "Corrupt .mpy file" msgid "Corrupt .mpy file"
msgstr "" msgstr ""
#: py/emitglue.c
msgid "Corrupt raw code"
msgstr ""
#: ports/nrf/common-hal/bleio/UUID.c #: ports/nrf/common-hal/bleio/UUID.c
#, c-format #, c-format
msgid "Could not decode ble_uuid, err 0x%04x" msgid "Could not decode ble_uuid, err 0x%04x"

View File

@ -7,7 +7,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: \n" "Project-Id-Version: \n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-25 16:50-0700\n" "POT-Creation-Date: 2019-06-25 17:53-0700\n"
"PO-Revision-Date: 2018-07-27 11:55-0700\n" "PO-Revision-Date: 2018-07-27 11:55-0700\n"
"Last-Translator: \n" "Last-Translator: \n"
"Language-Team: \n" "Language-Team: \n"
@ -454,6 +454,10 @@ msgstr ""
msgid "Corrupt .mpy file" msgid "Corrupt .mpy file"
msgstr "" msgstr ""
#: py/emitglue.c
msgid "Corrupt raw code"
msgstr ""
#: ports/nrf/common-hal/bleio/UUID.c #: ports/nrf/common-hal/bleio/UUID.c
#, c-format #, c-format
msgid "Could not decode ble_uuid, err 0x%04x" msgid "Could not decode ble_uuid, err 0x%04x"

View File

@ -7,7 +7,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: \n" "Project-Id-Version: \n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-25 16:50-0700\n" "POT-Creation-Date: 2019-06-25 17:53-0700\n"
"PO-Revision-Date: 2018-07-27 11:55-0700\n" "PO-Revision-Date: 2018-07-27 11:55-0700\n"
"Last-Translator: \n" "Last-Translator: \n"
"Language-Team: @sommersoft, @MrCertainly\n" "Language-Team: @sommersoft, @MrCertainly\n"
@ -458,6 +458,10 @@ msgstr ""
msgid "Corrupt .mpy file" msgid "Corrupt .mpy file"
msgstr "" msgstr ""
#: py/emitglue.c
msgid "Corrupt raw code"
msgstr ""
#: ports/nrf/common-hal/bleio/UUID.c #: ports/nrf/common-hal/bleio/UUID.c
#, c-format #, c-format
msgid "Could not decode ble_uuid, err 0x%04x" msgid "Could not decode ble_uuid, err 0x%04x"

View File

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: \n" "Project-Id-Version: \n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-25 16:50-0700\n" "POT-Creation-Date: 2019-06-25 17:53-0700\n"
"PO-Revision-Date: 2018-08-24 22:56-0500\n" "PO-Revision-Date: 2018-08-24 22:56-0500\n"
"Last-Translator: \n" "Last-Translator: \n"
"Language-Team: \n" "Language-Team: \n"
@ -470,6 +470,10 @@ msgstr "Bytes debe estar entre 0 y 255."
msgid "Corrupt .mpy file" msgid "Corrupt .mpy file"
msgstr "" msgstr ""
#: py/emitglue.c
msgid "Corrupt raw code"
msgstr ""
#: ports/nrf/common-hal/bleio/UUID.c #: ports/nrf/common-hal/bleio/UUID.c
#, c-format #, c-format
msgid "Could not decode ble_uuid, err 0x%04x" msgid "Could not decode ble_uuid, err 0x%04x"

View File

@ -7,7 +7,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: \n" "Project-Id-Version: \n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-25 16:50-0700\n" "POT-Creation-Date: 2019-06-25 17:53-0700\n"
"PO-Revision-Date: 2018-12-20 22:15-0800\n" "PO-Revision-Date: 2018-12-20 22:15-0800\n"
"Last-Translator: Timothy <me@timothygarcia.ca>\n" "Last-Translator: Timothy <me@timothygarcia.ca>\n"
"Language-Team: fil\n" "Language-Team: fil\n"
@ -463,6 +463,10 @@ msgstr "Sa gitna ng 0 o 255 dapat ang bytes."
msgid "Corrupt .mpy file" msgid "Corrupt .mpy file"
msgstr "" msgstr ""
#: py/emitglue.c
msgid "Corrupt raw code"
msgstr ""
#: ports/nrf/common-hal/bleio/UUID.c #: ports/nrf/common-hal/bleio/UUID.c
#, c-format #, c-format
msgid "Could not decode ble_uuid, err 0x%04x" msgid "Could not decode ble_uuid, err 0x%04x"

View File

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: 0.1\n" "Project-Id-Version: 0.1\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-25 16:50-0700\n" "POT-Creation-Date: 2019-06-25 17:53-0700\n"
"PO-Revision-Date: 2019-04-14 20:05+0100\n" "PO-Revision-Date: 2019-04-14 20:05+0100\n"
"Last-Translator: Pierrick Couturier <arofarn@arofarn.info>\n" "Last-Translator: Pierrick Couturier <arofarn@arofarn.info>\n"
"Language-Team: fr\n" "Language-Team: fr\n"
@ -469,6 +469,10 @@ msgstr "La commande doit être un entier entre 0 et 255"
msgid "Corrupt .mpy file" msgid "Corrupt .mpy file"
msgstr "" msgstr ""
#: py/emitglue.c
msgid "Corrupt raw code"
msgstr ""
#: ports/nrf/common-hal/bleio/UUID.c #: ports/nrf/common-hal/bleio/UUID.c
#, c-format #, c-format
msgid "Could not decode ble_uuid, err 0x%04x" msgid "Could not decode ble_uuid, err 0x%04x"

View File

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: PACKAGE VERSION\n" "Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-25 16:50-0700\n" "POT-Creation-Date: 2019-06-25 17:53-0700\n"
"PO-Revision-Date: 2018-10-02 16:27+0200\n" "PO-Revision-Date: 2018-10-02 16:27+0200\n"
"Last-Translator: Enrico Paganin <enrico.paganin@mail.com>\n" "Last-Translator: Enrico Paganin <enrico.paganin@mail.com>\n"
"Language-Team: \n" "Language-Team: \n"
@ -464,6 +464,10 @@ msgstr "I byte devono essere compresi tra 0 e 255"
msgid "Corrupt .mpy file" msgid "Corrupt .mpy file"
msgstr "" msgstr ""
#: py/emitglue.c
msgid "Corrupt raw code"
msgstr ""
#: ports/nrf/common-hal/bleio/UUID.c #: ports/nrf/common-hal/bleio/UUID.c
#, c-format #, c-format
msgid "Could not decode ble_uuid, err 0x%04x" msgid "Could not decode ble_uuid, err 0x%04x"

View File

@ -7,7 +7,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: \n" "Project-Id-Version: \n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-25 16:50-0700\n" "POT-Creation-Date: 2019-06-25 17:53-0700\n"
"PO-Revision-Date: 2019-03-19 18:37-0700\n" "PO-Revision-Date: 2019-03-19 18:37-0700\n"
"Last-Translator: Radomir Dopieralski <circuitpython@sheep.art.pl>\n" "Last-Translator: Radomir Dopieralski <circuitpython@sheep.art.pl>\n"
"Language-Team: pl\n" "Language-Team: pl\n"
@ -457,6 +457,10 @@ msgstr "Komenda musi być int pomiędzy 0 a 255"
msgid "Corrupt .mpy file" msgid "Corrupt .mpy file"
msgstr "" msgstr ""
#: py/emitglue.c
msgid "Corrupt raw code"
msgstr ""
#: ports/nrf/common-hal/bleio/UUID.c #: ports/nrf/common-hal/bleio/UUID.c
#, c-format #, c-format
msgid "Could not decode ble_uuid, err 0x%04x" msgid "Could not decode ble_uuid, err 0x%04x"

View File

@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: PACKAGE VERSION\n" "Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-25 16:50-0700\n" "POT-Creation-Date: 2019-06-25 17:53-0700\n"
"PO-Revision-Date: 2018-10-02 21:14-0000\n" "PO-Revision-Date: 2018-10-02 21:14-0000\n"
"Last-Translator: \n" "Last-Translator: \n"
"Language-Team: \n" "Language-Team: \n"
@ -460,6 +460,10 @@ msgstr "Os bytes devem estar entre 0 e 255."
msgid "Corrupt .mpy file" msgid "Corrupt .mpy file"
msgstr "" msgstr ""
#: py/emitglue.c
msgid "Corrupt raw code"
msgstr ""
#: ports/nrf/common-hal/bleio/UUID.c #: ports/nrf/common-hal/bleio/UUID.c
#, c-format #, c-format
msgid "Could not decode ble_uuid, err 0x%04x" msgid "Could not decode ble_uuid, err 0x%04x"

View File

@ -7,7 +7,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: circuitpython-cn\n" "Project-Id-Version: circuitpython-cn\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2019-06-25 16:50-0700\n" "POT-Creation-Date: 2019-06-25 17:53-0700\n"
"PO-Revision-Date: 2019-04-13 10:10-0700\n" "PO-Revision-Date: 2019-04-13 10:10-0700\n"
"Last-Translator: hexthat\n" "Last-Translator: hexthat\n"
"Language-Team: Chinese Hanyu Pinyin\n" "Language-Team: Chinese Hanyu Pinyin\n"
@ -458,6 +458,10 @@ msgstr "Mìnglìng bìxū shì 0 dào 255 zhī jiān de int"
msgid "Corrupt .mpy file" msgid "Corrupt .mpy file"
msgstr "" msgstr ""
#: py/emitglue.c
msgid "Corrupt raw code"
msgstr ""
#: ports/nrf/common-hal/bleio/UUID.c #: ports/nrf/common-hal/bleio/UUID.c
#, c-format #, c-format
msgid "Could not decode ble_uuid, err 0x%04x" msgid "Could not decode ble_uuid, err 0x%04x"

View File

@ -142,11 +142,12 @@ mp_obj_t mp_make_function_from_raw_code(const mp_raw_code_t *rc, mp_obj_t def_ar
fun = mp_obj_new_fun_asm(rc->n_pos_args, rc->data.u_native.fun_data, rc->data.u_native.type_sig); fun = mp_obj_new_fun_asm(rc->n_pos_args, rc->data.u_native.fun_data, rc->data.u_native.type_sig);
break; break;
#endif #endif
default: case MP_CODE_BYTECODE:
// rc->kind should always be set and BYTECODE is the only remaining case
assert(rc->kind == MP_CODE_BYTECODE);
fun = mp_obj_new_fun_bc(def_args, def_kw_args, rc->data.u_byte.bytecode, rc->data.u_byte.const_table); fun = mp_obj_new_fun_bc(def_args, def_kw_args, rc->data.u_byte.bytecode, rc->data.u_byte.const_table);
break; break;
default:
// All other kinds are invalid.
mp_raise_RuntimeError(translate("Corrupt raw code"));
} }
// check for generator functions and if so wrap in generator object // check for generator functions and if so wrap in generator object

View File

@ -102,20 +102,35 @@ STATIC void extract_prelude(const byte **ip, const byte **ip2, bytecode_prelude_
#include "py/parsenum.h" #include "py/parsenum.h"
STATIC void raise_corrupt_mpy(void) {
mp_raise_RuntimeError(translate("Corrupt .mpy file"));
}
STATIC int read_byte(mp_reader_t *reader) { STATIC int read_byte(mp_reader_t *reader) {
return reader->readbyte(reader->data); mp_uint_t b = reader->readbyte(reader->data);
if (b == MP_READER_EOF) {
raise_corrupt_mpy();
}
return b;
} }
STATIC void read_bytes(mp_reader_t *reader, byte *buf, size_t len) { STATIC void read_bytes(mp_reader_t *reader, byte *buf, size_t len) {
while (len-- > 0) { while (len-- > 0) {
*buf++ = reader->readbyte(reader->data); mp_uint_t b =reader->readbyte(reader->data);
if (b == MP_READER_EOF) {
raise_corrupt_mpy();
}
*buf++ = b;
} }
} }
STATIC size_t read_uint(mp_reader_t *reader) { STATIC size_t read_uint(mp_reader_t *reader) {
size_t unum = 0; size_t unum = 0;
for (;;) { for (;;) {
byte b = reader->readbyte(reader->data); mp_uint_t b = reader->readbyte(reader->data);
if (b == MP_READER_EOF) {
raise_corrupt_mpy();
}
unum = (unum << 7) | (b & 0x7f); unum = (unum << 7) | (b & 0x7f);
if ((b & 0x80) == 0) { if ((b & 0x80) == 0) {
break; break;
@ -128,12 +143,6 @@ STATIC qstr load_qstr(mp_reader_t *reader) {
size_t len = read_uint(reader); size_t len = read_uint(reader);
char str[len]; char str[len];
read_bytes(reader, (byte*)str, len); read_bytes(reader, (byte*)str, len);
// Validate the QSTRs by ensuring they do not contain any null terminations. They are length encoded instead.
for (size_t i = 0; i < len; i++) {
if (str[i] == '\0') {
mp_raise_RuntimeError(translate("Corrupt .mpy file"));
}
}
qstr qst = qstr_from_strn(str, len); qstr qst = qstr_from_strn(str, len);
return qst; return qst;
} }
@ -155,7 +164,7 @@ STATIC mp_obj_t load_obj(mp_reader_t *reader) {
return mp_parse_num_decimal(vstr.buf, vstr.len, obj_type == 'c', false, NULL); return mp_parse_num_decimal(vstr.buf, vstr.len, obj_type == 'c', false, NULL);
} }
} }
mp_raise_RuntimeError(translate("Corrupt .mpy file")); raise_corrupt_mpy();
return MP_OBJ_FROM_PTR(&mp_const_none_obj); return MP_OBJ_FROM_PTR(&mp_const_none_obj);
} }