8000 Validate raw code and mpy read length · flummer/circuitpython@2494bfd · GitHub
[go: up one dir, main page]
Skip to content

Commit 2494bfd

Browse files
tannewttannewt
committed
Validate raw code and mpy read length
1 parent 77355cb commit 2494bfd

File tree

14 files changed

+83
-25
lines changed

14 files changed

+83
-25
lines changed

locale/ID.po

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ msgid ""
88
msgstr ""
99
"Project-Id-Version: PACKAGE VERSION\n"
1010
"Report-Msgid-Bugs-To: \n"
11-
"POT-Creation-Date: 2019-06-25 16:50-0700\n"
11+
"POT-Creation-Date: 2019-06-25 17:53-0700\n"
1212
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
1313
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
1414
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -464,6 +464,10 @@ msgstr ""
464464
msgid "Corrupt .mpy file"
465465
msgstr ""
466466

467+
#: py/emitglue.c
468+
msgid "Corrupt raw code"
469+
msgstr ""
470+
467471
#: ports/nrf/common-hal/bleio/UUID.c
468472
#, c-format
469473
msgid "Could not decode ble_uuid, err 0x%04x"

locale/circuitpython.pot

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ msgid ""
88
msgstr ""
99
"Project-Id-Version: PACKAGE VERSION\n"
1010
"Report-Msgid-Bugs-To: \n"
11-
"POT-Creation-Date: 2019-06-25 16:50-0700\n"
11+
"POT-Creation-Date: 2019-06-25 17:53-0700\n"
1212
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
1313
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
1414
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -454,6 +454,10 @@ msgstr ""
454454
msgid "Corrupt .mpy file"
455455
msgstr ""
456456

457+
#: py/emitglue.c
458+
msgid "Corrupt raw code"
459+
msgstr ""
460+
457461
#: ports/nrf/common-hal/bleio/UUID.c
458462
#, c-format
459463
msgid "Could not decode ble_uuid, err 0x%04x"

locale/de_DE.po

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ - 57AE 7,7 +7,7 @@ msgid ""
77
msgstr ""
88
"Project-Id-Version: \n"
99
"Report-Msgid-Bugs-To: \n"
10-
"POT-Creation-Date: 2019-06-25 16:50-0700\n"
10+
"POT-Creation-Date: 2019-06-25 17:53-0700\n"
1111
"PO-Revision-Date: 2018-07-27 11:55-0700\n"
1212
"Last-Translator: Pascal Deneaux\n"
1313
"Language-Team: Sebastian Plamauer, Pascal Deneaux\n"
@@ -458,6 +458,10 @@ msgstr "Der Befehl muss ein int zwischen 0 und 255 sein"
458458
msgid "Corrupt .mpy file"
459459
msgstr ""
460460

461+
#: py/emitglue.c
462+
msgid "Corrupt raw code"
463+
msgstr ""
464+
461465
#: ports/nrf/common-hal/bleio/UUID.c
462466
#, c-format
463467
msgid "Could not decode ble_uuid, err 0x%04x"

locale/en_US.po

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ msgid ""
77
msgstr ""
88
"Project-Id-Version: \n"
99
"Report-Msgid-Bugs-To: \n"
10-
"POT-Creation-Date: 2019-06-25 16:50-0700\n"
10+
"POT-Creation-Date: 2019-06-25 17:53-0700\n"
1111
"PO-Revision-Date: 2018-07-27 11:55-0700\n"
1212
"Last-Translator: \n"
1313
"Language-Team: \n"
@@ -454,6 +454,10 @@ msgstr ""
454454
msgid "Corrupt .mpy file"
455455
msgstr ""
456456

457+
#: py/emitglue.c
458+
msgid "Corrupt raw code"
459+
msgstr ""
460+
457461
#: ports/nrf/common-hal/bleio/UUID.c
458462
#, c-format
459463
msgid "Could not decode ble_uuid, err 0x%04x"

locale/en_x_pirate.po

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ msgid ""
77
msgstr ""
88
"Project-Id-Version: \n"
99
"Report-Msgid-Bugs-To: \n"
10-
"POT-Creation-Date: 2019-06-25 16:50-0700\n"
10+
"POT-Creation-Date: 2019-06-25 17:53-0700\n"
1111
"PO-Revision-Date: 2018-07-27 11:55-0700\n"
1212
"Last-Translator: \n"
1313
"Language-Team: @sommersoft, @MrCertainly\n"
@@ -458,6 +458,10 @@ msgstr ""
458458
msgid "Corrupt .mpy file"
459459
msgstr ""
460460

461+
#: py/emitglue.c
462+
msgid "Corrupt raw code"
463+
msgstr ""
464+
461465
#: ports/nrf/common-hal/bleio/UUID.c
462466
#, c-format
463467
msgid "Could not decode ble_uuid, err 0x%04x"

locale/es.po

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ msgid ""
88
msgstr ""
99
"Project-Id-Version: \n"
1010
"Report-Msgid-Bugs-To: \n"
11-
"POT-Creation-Date: 2019-06-25 16:50-0700\n"
11+
"POT-Creation-Date: 2019-06-25 17:53-0700\n"
1212
"PO-Revision-Date: 2018-08-24 22:56-0500\n"
1313
"Last-Translator: \n"
1414
"Language-Team: \n"
@@ -470,6 +470,10 @@ msgstr "Bytes debe estar entre 0 y 255."
470470
msgid "Corrupt .mpy file"
471471
msgstr ""
472472

473+
#: py/emitglue.c
474+
msgid "Corrupt raw code"
475+
msgstr ""
476+
473477
#: ports/nrf/common-hal/bleio/UUID.c
474478
#, c-format
475479
msgid "Could not decode ble_uuid, err 0x%04x"

locale/fil.po

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ msgid ""
77
msgstr ""
88
"Project-Id-Version: \n"
99
"Report-Msgid-Bugs-To: \n"
10-
"POT-Creation-Date: 2019-06-25 16:50-0700\n"
10+
"POT-Creation-Date: 2019-06-25 17:53-0700\n"
1111
"PO-Revision-Date: 2018-12-20 22:15-0800\n"
1212
"Last-Translator: Timothy <me@timothygarcia.ca>\n"
1313
"Language-Team: fil\n"
@@ -463,6 +463,10 @@ msgstr "Sa gitna ng 0 o 255 dapat ang bytes."
463463
msgid "Corrupt .mpy file"
464464
msgstr ""
465465

466+
#: py/emitglue.c
467+
msgid "Corrupt raw code"
468+
msgstr ""
469+
466470
#: ports/nrf/common-hal/bleio/UUID.c
467471
#, c-format
468472
msgid "Could not decode ble_uuid, err 0x%04x"

locale/fr.po

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ msgid ""
88
msgstr ""
99
"Project-Id-Version: 0.1\n"
1010
"Report-Msgid-Bugs-To: \n"
11-
"POT-Creation-Date: 2019-06-25 16:50-0700\n"
11+
"POT-Creation-Date: 2019-06-25 17:53-0700\n"
1212
"PO-Revision-Date: 2019-04-14 20:05+0100\n"
1313
"Last-Translator: Pierrick Couturier <arofarn@arofarn.info>\n"
1414
"Language-Team: fr\n"
@@ -469,6 +469,10 @@ msgstr "La commande doit être un entier entre 0 et 255"
469469
msgid "Corrupt .mpy file"
470470
msgstr ""
471471

472+
#: py/emitglue.c
473+
msgid "Corrupt raw code"
474+
msgstr ""
475+
472476
#: ports/nrf/common-hal/bleio/UUID.c
473477
#, c-format
474478
msgid "Could not decode ble_uuid, err 0x%04x"

locale/it_IT.po

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ msgid ""
88
msgstr ""
99
"Project-Id-Version: PACKAGE VERSION\n"
1010
"Report-Msgid-Bugs-To: \n"
11-
"POT-Creation-Date: 2019-06-25 16:50-0700\n"
11+
"POT-Creation-Date: 2019-06-25 17:53-0700\n"
1212
"PO-Revision-Date: 2018-10-02 16:27+0200\n"
1313
"Last-Translator: Enrico Paganin <enrico.paganin@mail.com>\n"
1414
"Language-Team: \n"
@@ -464,6 +464,10 @@ msgstr "I byte devono essere compresi tra 0 e 255"
464464
msgid "Corrupt .mpy file"
465465
msgstr ""
466466

467+
#: py/emitglue.c
468+
msgid "Corrupt raw code"
469+
msgstr ""
470+
467471
#: ports/nrf/common-hal/bleio/UUID.c
468472
#, c-format
469473
msgid "Could not decode ble_uuid, err 0x%04x"

locale/pl.po

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ msgid ""
77
msgstr ""
88
"Project-Id-Version: \n"
99
"Report-Msgid-Bugs-To: \n"
10-
"POT-Creation-Date: 2019-06-25 16:50-0700\n"
10+
"POT-Creation-Date: 2019-06-25 17:53-0700\n"
1111
"PO-Revision-Date: 2019-03-19 18:37-0700\n"
1212
"Last-Translator: Radomir Dopieralski <circuitpython@sheep.art.pl>\n"
1313
"Language-Team: pl\n"
@@ -457,6 +457,10 @@ msgstr "Komenda musi być int pomiędzy 0 a 255"
457457
msgid "Corrupt .mpy file"
458458
msgstr ""
459459

460+
#: py/emitglue.c
461+
msgid "Corrupt raw code"
462+
msgstr ""
463+
460464
#: ports/nrf/common-hal/bleio/UUID.c
461465
#, c-format
462466
msgid "Could not decode ble_uuid, err 0x%04x"

locale/pt_BR.po

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ msgid ""
88
msgstr ""
99
"Project-Id-Version: PACKAGE VERSION\n"
1010
"Report-Msgid-Bugs-To: \n"
11-
"POT-Creation-Date: 2019-06-25 16:50-0700\n"
11+
"POT-Creation-Date: 2019-06-25 17:53-0700\n"
1212
"PO-Revision-Date: 2018-10-02 21:14-0000\n"
1313
"Last-Translator: \n"
1414
"Language-Team: \n"
@@ -460,6 +460,10 @@ msgstr "Os bytes devem estar entre 0 e 255."
460460
msgid "Corrupt .mpy file"
461461
msgstr ""
462462

463+
#: py/emitglue.c
464+
msgid "Corrupt raw code"
465+
msgstr ""
466+
463467
#: ports/nrf/common-hal/bleio/UUID.c
464468
#, c-format
465469
msgid "Could not decode ble_uuid, err 0x%04x"

locale/zh_Latn_pinyin.po

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ msgid ""
77
msgstr ""
88
"Project-Id-Version: circuitpython-cn\n"
99
"Report-Msgid-Bugs-To: \n"
10-
"POT-Creation-Date: 2019-06-25 16:50-0700\n"
10+
"POT-Creation-Date: 2019-06-25 17:53-0700\n"
1111
"PO-Revision-Date: 2019-04-13 10:10-0700\n"
1212
"Last-Translator: hexthat\n"
1313
"Language-Team: Chinese Hanyu Pinyin\n"
@@ -458,6 +458,10 @@ msgstr "Mìnglìng bìxū shì 0 dào 255 zhī jiān de int"
458458
msgid "Corrupt .mpy file"
459459
msgstr ""
460460

461+
#: py/emitglue.c
462+
msgid "Corrupt raw code"
463+
msgstr ""
464+
461465
#: ports/nrf/common-hal/bleio/UUID.c
462466
#, c-format
463467
msgid "Could not decode ble_uuid, err 0x%04x"

py/emitglue.c

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -142,11 +142,12 @@ mp_obj_t mp_make_function_from_raw_code(const mp_raw_code_t *rc, mp_obj_t def_ar
142142
fun = mp_obj_new_fun_asm(rc->n_pos_args, rc->data.u_native.fun_data, rc->data.u_native.type_sig);
143143
break;
144144
#endif
145-
default:
146-
// rc->kind should always be set and BYTECODE is the only remaining case
147-
assert(rc->kind == MP_CODE_BYTECODE);
145+
case MP_CODE_BYTECODE:
148146
fun = mp_obj_new_fun_bc(def_args, def_kw_args, rc->data.u_byte.bytecode, rc->data.u_byte.const_table);
149147
break;
148+
default:
149+
// All other kinds are invalid.
150+
mp_raise_RuntimeError(translate("Corrupt raw code"));
150151
}
151152

152153
// check for generator functions and if so wrap in generator object

py/persistentcode.c

Lines changed: 19 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -102,20 +102,35 @@ STATIC void extract_prelude(const byte **ip, const byte **ip2, bytecode_prelude_
102102

103103
#include "py/parsenum.h"
104104

105+
STATIC void raise_corrupt_mpy(void) {
106+
mp_raise_RuntimeError(translate("Corrupt .mpy file"));
107+
}
108+
105109
STATIC int read_byte(mp_reader_t *reader) {
106-
return reader->readbyte(reader->data);
110+
mp_uint_t b = reader->readbyte(reader->data);
111+
if (b == MP_READER_EOF) {
112+
raise_corrupt_mpy();
113+
}
114+
return b;
107115
}
108116

109117
STATIC void read_bytes(mp_reader_t *reader, byte *buf, size_t len) {
110118
while (len-- > 0) {
111-
*buf++ = reader->readbyte(reader->data);
119+
mp_uint_t b =reader->readbyte(reader->data);
120+
if (b == MP_READER_EOF) {
121+
raise_corrupt_mpy();
122+
}
123+
*buf++ = b;
112124
}
113125
}
114126

115127
STATIC size_t read_uint(mp_reader_t *reader) {
116128
size_t unum = 0;
117129
for (;;) {
118-
byte b = reader->readbyte(reader->data);
130+
mp_uint_t b = reader->readbyte(reader->data);
131+
if (b == MP_READER_EOF) {
132+
raise_corrupt_mpy();
133+
}
119134
unum = (unum << 7) | (b & 0x7f);
120135
if ((b & 0x80) == 0) {
121136
break;
@@ -128,12 +143,6 @@ STATIC qstr load_qstr(mp_reader_t *reader) {
128143
size_t len = read_uint(reader);
129144
char str[len];
130145
read_bytes(reader, (byte*)str, len);
131-
// Validate the QSTRs by ensuring they do not contain any null terminations. They are length encoded instead.
132-
for (size_t i = 0; i < len; i++) {
133-
if (str[i] == '\0') {
134-
mp_raise_RuntimeError(translate("Corrupt .mpy file"));
135-
}
136-
}
137146
qstr qst = qstr_from_strn(str, len);
138147
return qst;
139148
}
@@ -155,7 +164,7 @@ STATIC mp_obj_t load_obj(mp_reader_t *reader) {
155164
return mp_parse_num_decimal(vstr.buf, vstr.len, obj_type == 'c', false, NULL);
156165
}
157166
}
158-
mp_raise_RuntimeError(translate("Corrupt .mpy file"));
167+
raise_corrupt_mpy();
159168
return MP_OBJ_FROM_PTR(&mp_const_none_obj);
160169
}
161170

0 commit comments

Comments
 (0)
0