GitHub/gf-core
1
0
Fork 1
mirror of https://github.com/GrammaticalFramework/gf-core.git synced 2026-05-24 10:22:50 -06:00
Code Issues Packages Projects Releases Wiki Activity

added safeguard to ensure that PgfRevision is an actual object

Browse Source
This commit is contained in:
krangelov
2021-09-08 09:17:12 +02:00
parent f741bd9332
commit 2e846cdf59
4 changed files with 35 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/runtime/c/pgf/data.h
View File

@@ -8,11 +8,6 @@
#include <stdexcept> #include <stdexcept>
#include "pgf.h" #include "pgf.h"
#include "db.h"
#include "text.h"
#include "vector.h"
#include "namespace.h"
#include "expr.h"
class PGF_INTERNAL_DECL pgf_error : public std::runtime_error { class PGF_INTERNAL_DECL pgf_error : public std::runtime_error {
public: public:
@@ -59,6 +54,12 @@ private:
const char *m_filepath; const char *m_filepath;
}; };
#include "db.h"
#include "text.h"
#include "vector.h"
#include "namespace.h"
#include "expr.h"
struct PGF_INTERNAL_DECL PgfFlag { struct PGF_INTERNAL_DECL PgfFlag {
PgfLiteral value; PgfLiteral value;
PgfText name; PgfText name;

7
src/runtime/c/pgf/db.cxx
View File

@@ -958,6 +958,13 @@ void PgfDB::free_internal(object o)
} }
} }
bool PgfDB::is_valid_object(object o, size_t bytes)
{
if (o <= sizeof(*ms) || o >= ms->top)
return false;
mchunk *chunk = mem2chunk(ptr(ms,o));
return (chunksize(chunk) == request2size(bytes));
}
DB_scope::DB_scope(PgfDB *db, DB_scope_mode tp) DB_scope::DB_scope(PgfDB *db, DB_scope_mode tp)
{ {

10
src/runtime/c/pgf/db.h
View File

@@ -93,6 +93,14 @@ public:
current_db->set_root_internal(root.offset); current_db->set_root_internal(root.offset);
} }
template<class A>
static ref<A> safe_object2ref(object o) {
if (!current_db->is_valid_object(o, sizeof(A)))
throw pgf_error("Invalid database object");
return o;
}
PGF_INTERNAL_DECL static void sync(); PGF_INTERNAL_DECL static void sync();
private: private:
@@ -104,6 +112,8 @@ private:
PGF_INTERNAL_DECL object get_root_internal(); PGF_INTERNAL_DECL object get_root_internal();
PGF_INTERNAL_DECL void set_root_internal(object root_offset); PGF_INTERNAL_DECL void set_root_internal(object root_offset);
PGF_INTERNAL_DECL bool is_valid_object(object o, size_t bytes);
PGF_INTERNAL_DECL unsigned char* relocate(unsigned char* ptr); PGF_INTERNAL_DECL unsigned char* relocate(unsigned char* ptr);
friend class DB_scope; friend class DB_scope;

24
src/runtime/c/pgf/pgf.cxx
View File

@@ -160,7 +160,7 @@ PgfText *pgf_abstract_name(PgfDB *db, PgfRevision revision,
{ {
PGF_API_BEGIN { PGF_API_BEGIN {
DB_scope scope(db, READER_SCOPE); DB_scope scope(db, READER_SCOPE);
ref<PgfPGF> pgf = revision; ref<PgfPGF> pgf = PgfDB::safe_object2ref<PgfPGF>(revision);
return textdup(&(*pgf->abstract.name)); return textdup(&(*pgf->abstract.name));
} PGF_API_END } PGF_API_END
@@ -174,7 +174,7 @@ void pgf_iter_categories(PgfDB *db, PgfRevision revision,
{ {
PGF_API_BEGIN { PGF_API_BEGIN {
DB_scope scope(db, READER_SCOPE); DB_scope scope(db, READER_SCOPE);
ref<PgfPGF> pgf = revision; ref<PgfPGF> pgf = PgfDB::safe_object2ref<PgfPGF>(revision);
namespace_iter(pgf->abstract.cats, itor, err); namespace_iter(pgf->abstract.cats, itor, err);
} PGF_API_END } PGF_API_END
@@ -187,7 +187,7 @@ PgfType pgf_start_cat(PgfDB *db, PgfRevision revision,
{ {
PGF_API_BEGIN { PGF_API_BEGIN {
DB_scope scope(db, READER_SCOPE); DB_scope scope(db, READER_SCOPE);
ref<PgfPGF> pgf = revision; ref<PgfPGF> pgf = PgfDB::safe_object2ref<PgfPGF>(revision);
PgfText *startcat = (PgfText *) PgfText *startcat = (PgfText *)
alloca(sizeof(PgfText)+9); alloca(sizeof(PgfText)+9);
@@ -228,7 +228,7 @@ PgfTypeHypo *pgf_category_context(PgfDB *db, PgfRevision revision,
{ {
PGF_API_BEGIN { PGF_API_BEGIN {
DB_scope scope(db, READER_SCOPE); DB_scope scope(db, READER_SCOPE);
ref<PgfPGF> pgf = revision; ref<PgfPGF> pgf = PgfDB::safe_object2ref<PgfPGF>(revision);
ref<PgfAbsCat> abscat = ref<PgfAbsCat> abscat =
namespace_lookup(pgf->abstract.cats, catname); namespace_lookup(pgf->abstract.cats, catname);
@@ -262,7 +262,7 @@ prob_t pgf_category_prob(PgfDB *db, PgfRevision revision,
{ {
PGF_API_BEGIN { PGF_API_BEGIN {
DB_scope scope(db, READER_SCOPE); DB_scope scope(db, READER_SCOPE);
ref<PgfPGF> pgf = revision; ref<PgfPGF> pgf = PgfDB::safe_object2ref<PgfPGF>(revision);
ref<PgfAbsCat> abscat = ref<PgfAbsCat> abscat =
namespace_lookup(pgf->abstract.cats, catname); namespace_lookup(pgf->abstract.cats, catname);
@@ -282,7 +282,7 @@ void pgf_iter_functions(PgfDB *db, PgfRevision revision,
{ {
PGF_API_BEGIN { PGF_API_BEGIN {
DB_scope scope(db, READER_SCOPE); DB_scope scope(db, READER_SCOPE);
ref<PgfPGF> pgf = revision; ref<PgfPGF> pgf = PgfDB::safe_object2ref<PgfPGF>(revision);
pgf_exn_clear(err); pgf_exn_clear(err);
namespace_iter(pgf->abstract.funs, itor, err); namespace_iter(pgf->abstract.funs, itor, err);
@@ -311,7 +311,7 @@ void pgf_iter_functions_by_cat(PgfDB *db, PgfRevision revision,
{ {
PGF_API_BEGIN { PGF_API_BEGIN {
DB_scope scope(db, READER_SCOPE); DB_scope scope(db, READER_SCOPE);
ref<PgfPGF> pgf = revision; ref<PgfPGF> pgf = PgfDB::safe_object2ref<PgfPGF>(revision);
PgfItorHelper helper; PgfItorHelper helper;
helper.fn = iter_by_cat_helper; helper.fn = iter_by_cat_helper;
@@ -329,7 +329,7 @@ PgfType pgf_function_type(PgfDB *db, PgfRevision revision,
{ {
PGF_API_BEGIN { PGF_API_BEGIN {
DB_scope scope(db, READER_SCOPE); DB_scope scope(db, READER_SCOPE);
ref<PgfPGF> pgf = revision; ref<PgfPGF> pgf = PgfDB::safe_object2ref<PgfPGF>(revision);
ref<PgfAbsFun> absfun = ref<PgfAbsFun> absfun =
namespace_lookup(pgf->abstract.funs, funname); namespace_lookup(pgf->abstract.funs, funname);
@@ -349,7 +349,7 @@ int pgf_function_is_constructor(PgfDB *db, PgfRevision revision,
{ {
PGF_API_BEGIN { PGF_API_BEGIN {
DB_scope scope(db, READER_SCOPE); DB_scope scope(db, READER_SCOPE);
ref<PgfPGF> pgf = revision; ref<PgfPGF> pgf = PgfDB::safe_object2ref<PgfPGF>(revision);
ref<PgfAbsFun> absfun = ref<PgfAbsFun> absfun =
namespace_lookup(pgf->abstract.funs, funname); namespace_lookup(pgf->abstract.funs, funname);
@@ -369,7 +369,7 @@ prob_t pgf_function_prob(PgfDB *db, PgfRevision revision,
{ {
PGF_API_BEGIN { PGF_API_BEGIN {
DB_scope scope(db, READER_SCOPE); DB_scope scope(db, READER_SCOPE);
ref<PgfPGF> pgf = revision; ref<PgfPGF> pgf = PgfDB::safe_object2ref<PgfPGF>(revision);
ref<PgfAbsFun> absfun = ref<PgfAbsFun> absfun =
namespace_lookup(pgf->abstract.funs, funname); namespace_lookup(pgf->abstract.funs, funname);
@@ -435,7 +435,7 @@ PgfRevision pgf_clone_revision(PgfDB *db, PgfRevision revision,
pgf_exn_clear(err); pgf_exn_clear(err);
try { try {
ref<PgfPGF> pgf = revision; ref<PgfPGF> pgf = PgfDB::safe_object2ref<PgfPGF>(revision);
ref<PgfPGF> new_pgf = PgfDB::malloc<PgfPGF>(); ref<PgfPGF> new_pgf = PgfDB::malloc<PgfPGF>();
new_pgf->major_version = pgf->major_version; new_pgf->major_version = pgf->major_version;
@@ -488,7 +488,7 @@ void pgf_create_function(PgfDB *db, PgfRevision revision,
try { try {
PgfDBUnmarshaller u(m); PgfDBUnmarshaller u(m);
ref<PgfPGF> pgf = revision; ref<PgfPGF> pgf = PgfDB::safe_object2ref<PgfPGF>(revision);
ref<PgfAbsFun> absfun = PgfDB::malloc<PgfAbsFun>(sizeof(PgfAbsFun)+name->size+1); ref<PgfAbsFun> absfun = PgfDB::malloc<PgfAbsFun>(sizeof(PgfAbsFun)+name->size+1);
absfun->type = m->match_type(&u, ty); absfun->type = m->match_type(&u, ty);
absfun->arity = 0; absfun->arity = 0;