878 Commits

Author SHA1 Message Date
Michael Buesch
60cf2c0959 tools/pyboard.py: Replace eval() of received data with alternative.
Prior to this commit, pyboard.py used eval() to "parse" file data received
from the board.  Using eval() on received data from a device is dangerous,
because a malicious device may inject arbitrary code execution on the PC
that is doing the operation.

Consider the following scenario:

Eve may write a malicious script to Bob's board in his absence.  On return
Bob notices that something is wrong with the board, because it doesn't work
as expected anymore.  He wants to read out boot.py (or any other file) to
see what is wrong.  What he gets is a remote code execution on his PC.

Proof of concept:

Eve:

  $ cat boot.py
  _print = print
  print = lambda *x, **y: _print("os.system('ls /; echo Pwned!')", end="\r\n\x04")
  $ ./pyboard.py -f cp boot.py :
  cp boot.py :boot.py

Bob:

  $ ./pyboard.py -f cp :boot.py /tmp/foo
  cp :boot.py /tmp/foo
  bin   chroot  dev  home  lib32  media  opt   root  sbin  sys  usr
  boot  config  etc  lib   lib64  mnt    proc  run   srv   tmp  var
  Pwned!

There's also the possibility that the device is malfunctioning and sends
random and possibly dangerous data back to the PC, to be eval'd.

Fix this problem by using ast.literal_eval() to parse the received bytes,
instead of eval().

Signed-off-by: Michael Buesch <m@bues.ch>
2020-08-21 16:08:03 +10:00
Jeff Epler
23aefe9509 Add usb-endpoint-count checking
.. however, the number of endpoints is only set for SAMD (8).
Other ports need to set the value.  Otherwise, the build will show
the message
```
Unable to check whether maximum number of endpoints is respected
```
2020-08-19 16:47:40 -05:00
Yihui Xiong
8bab7b664c support to get HID OUT report 2020-08-19 20:18:17 +08:00
Jeff Epler
5056027238 gen_display_resources: report missing character count, if any 2020-08-18 19:25:09 -05:00
Jeff Epler
880fe1a694 gen_display_resources: silence 'missing character' message
Since we made the decision to allow translations which do not have coverage in
the terminal font, these routinely occur and are expected.  The message is
unhelpful and due to their voume make it harder to find relevant information
particularly in github actions results.
2020-08-16 20:58:24 -05:00
Jeff Epler
1cf3762392 Merge remote-tracking branch 'origin/main' into stm32-sdioio 2020-08-10 12:54:12 -05:00
Damien George
b731bd0ce6 tools/makemanifest.py: Print nicely formatted errors from mpy-cross.
If mpy-cross exits with an error be sure to print that error in a way that
is readable, instead of a long bytes object.

Signed-off-by: Damien George <damien@micropython.org>
2020-08-08 14:46:05 +10:00
Taku Fukada
272d300fc8 Fix Read the Docs bulid failing 2020-08-08 01:33:24 +09:00
Taku Fukada
56c898da80 Modify some Python stubs 2020-08-07 01:01:28 +09:00
Jeff Epler
af135a7560 atmel-samd: move samd-specific script 2020-07-30 07:18:02 -05:00
hathach
b2ec77e554 Merge remote-tracking branch 'adafruit/main' into improve-highspeed-usb 2020-07-29 23:14:52 +07:00
Jeff Epler
fbc78972eb
Merge pull request #3203 from WarriorOfWire/speed_up_builds
Use 2 cores per build task in github CI build
2020-07-29 11:09:09 -05:00
hathach
1f4fcb399b
move CFG_TUSB_RHPORT0_MODE into generated header 2020-07-29 16:05:31 +07:00
hathach
6063828279 replace USB_MSC_MAX_PACKET_SIZE with USB_HIGHSPEED in descriptor gen tool 2020-07-29 15:38:55 +07:00
Scott Shawcroft
6afbefc739
Merge pull request #3219 from adafruit/encoding
fix windows' encoding defaults
2020-07-28 14:00:44 -07:00
lady ada
5b675cc83f fix windows' encoding defaults 2020-07-28 14:19:43 -04:00
Damien George
952de5cb77 tools/makemanifest.py: Use errno.EEXIST instead of number 17.
To make this code more portable, across different platforms.

Signed-off-by: Damien George <damien@micropython.org>
2020-07-26 10:56:24 +10:00
Kenny
ebc1373c08 use -j2 in the actual build also 2020-07-25 10:23:42 -07:00
Kenny
11d225fe62 Use 2 cores per job in github build
As of today, https://docs.github.com/en/actions/reference/virtual-environments-for-github-hosted-runners
states that hosted runners have a 2-core CPU.

This uses make -j $physical_cores to try and be better about utilizing the time spent on those machines.
When github upgrades runners to have more cores we'll benefit from that too.
2020-07-24 22:08:56 -07:00
Taku Fukada
54a342a7f5 Add and correct some type hints 2020-07-24 18:20:03 +09:00
Scott Shawcroft
2bd6d05663
Add externs. GCC10 complains about duplicate defines 2020-07-22 16:26:46 -07:00
Scott Shawcroft
02b71e013a
Merge pull request #3107 from dherrada/type_hints
Adding type hints
2020-07-22 13:48:45 -07:00
Dan Halbert
8e90c1996c
Merge pull request #3162 from tannewt/update_mistune
Move release note converter to latest markdown helper lib
2020-07-22 00:24:12 -04:00
dherrada
9e3fa863f1
Merge branch 'main' into type_hints 2020-07-21 16:18:51 -04:00
Taku Fukada
a29105fefd Improve .pyi generation 2020-07-22 00:37:22 +09:00
Thorsten von Eicken
3e758ef235 lib/mbedtls_errors: Add code to patch mbedtls for shortened error strs.
The file `mbedtls_errors/mp_mbedtls_errors.c` can be used instead of
`mbedtls/library/error.c` to give shorter error strings, reducing the build
size of the error strings from about 12-16kB down to about 2-5kB.
2020-07-20 23:53:27 +10:00
Scott Shawcroft
384a7f7e70
Move release note converter to latest markdown helper lib 2020-07-17 17:09:48 -07:00
dherrada
612c6bb86b
Merge branch 'main' into type_hints 2020-07-17 14:55:30 -04:00
Diego Elio Pettenò
34b4993d63 Add license to some obvious files. 2020-07-06 19:16:25 +01:00
Diego Elio Pettenò
eed7e84d94 Add an explicit SPDX license file for ter-u12n.
While the .bdf file already includes copyright information, this makes it
visible as part of REUSE SPDX identification.
2020-07-06 19:15:41 +01:00
Scott Shawcroft
50a6342f6d
Shrink files.json by using one space instead of four.
Also:
- Remove download count update because the files are no longer
  on GitHub.
- Add "extensions" and "languages" to each board dictionary so we
  can stop using "files" entirely.
2020-07-03 12:54:48 -07:00
Scott Shawcroft
eec42d4cb5
Merge pull request #3087 from sommersoft/cpy_org_sptmtrx
Release PRs To circuitpython.org: Include The Available Built-in Modules For Each Board
2020-07-02 13:45:39 -07:00
dherrada
e169da3532 More extract_pyi tweaks 2020-07-02 12:02:21 -04:00
dherrada
427733af04 More tweaks to extract_pyi.py 2020-07-02 11:30:42 -04:00
dherrada
1e96ca582e Made more modifications to extract_pyi.py 2020-07-02 11:10:43 -04:00
dherrada
d1664bdde2 Fixed extract_pyi script to allow NoneType 2020-07-02 10:25:20 -04:00
Andrew Leech
07f181a216 Revert "tools/pydfu.py: Respect longer timeouts requested by DFU dev..."
This reverts commit 4d6f60d4286b3e6ea8c9fb0141ba13e4978882b6.

This implementation used the timeout as a maximum amount of time needed for
the operation, when actually the spec and other tools suggest that it's the
minumum delay needed between subsequent USB transfers.
2020-07-01 16:54:03 +10:00
Andrew Leech
4d6f60d428 tools/pydfu.py: Respect longer timeouts requested by DFU device/mboot. 2020-06-30 21:22:00 +10:00
sommersoft
928433f2e3 tools/build_board_info.py: add built-in modules information for each board for use on circuitpython.org; uses 'docs/shared_bindings_matrix.py' 2020-06-29 00:27:45 -05:00
Jeff Epler
f496c0b58d atmel-samd: Add SDIO SD card interface 2020-06-26 11:50:42 -05:00
Jeff Epler
9737dd9c30 Scripts: Change wording for pseudoterminals 2020-06-25 11:42:23 -05:00
Jeff Epler
ce95b9379d Refer to "main" branch of circuitpython 2020-06-25 11:42:23 -05:00
Damien George
76faeed098 tools/makemanifest.py: Support freezing a subdirectory recursively.
This adds support for freezing an entire directory while keeping the
directory as part of the import path.  For example

    freeze("path/to/library", "module")

will recursively freeze all scripts in "path/to/library/module" and have
them importable as "from module import ...".

Signed-off-by: Damien George <damien@micropython.org>
2020-06-24 12:21:30 +10:00
sommersoft
5d158d884d ci_check_duplicate_usb_vid_pid.py: change 'whitelist' terminology to 'ignorelist' 2020-06-20 08:44:24 -05:00
sommersoft
023054e67a Merge branch 'main' of https://github.com/adafruit/circuitpython into ci_check_vid_pid 2020-06-20 08:41:41 -05:00
David Lechner
77ed6f69ac tools/uncrustify: Enable more opts to remove space between func and '('.
With only `sp_func_proto_paren = remove` set there are some cases where
uncrustify misses removing a space between the function name and the
opening '('.  This sets all of the related options to `force` as well.
2020-06-19 22:07:32 +10:00
Damien George
026fda605e tools/codeformat.py: Include extmod/{btstack,nimble} in code formatting.
Signed-off-by: Damien George <damien@micropython.org>
2020-06-18 22:20:20 +10:00
Lucian Copeland
37793044fc Add meowbit UF2 download override to website 2020-06-16 12:03:56 -04:00
David Lechner
b4d0d7bf03 tools/uncrustify: Update config for v0.71.0.
This is the result of running...

    uncrustify -c tools/uncrustify.cfg --update-config-with-doc -o tools/uncrustify.cfg

...with some manual fixups to correct places where it changed things it
should not have.

Essentially it just adds new config parameters introduced in v0.71.0
with their default values.

Signed-off-by: David Lechner <david@pybricks.com>
2020-06-14 11:08:05 -05:00
David Lechner
ecd7826316 tools/codeformat.py: Remove sizeof fixup.
Formatting for `* sizeof` was fixed in uncrustify v0.71, so we no longer
need the fixups for it.  Also, there was one file where the updated
uncrustify caught a problem that the regex didn't pick up, which is updated
in this commit.

Signed-off-by: David Lechner <david@pybricks.com>
2020-06-14 20:24:18 +10:00