Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(ext/ffi): Check CStr for UTF-8 validity on read #15318

Merged
merged 14 commits into from
Aug 5, 2022
Merged

fix(ext/ffi): Check CStr for UTF-8 validity on read #15318

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
e35f372
fix(ext/ffi): Check CStr for UTF-8 validity on read
aapoalas Jul 27, 2022
f44a491
format
aapoalas Jul 27, 2022
7a49e21
Merge branch 'main' into fix-ext-ffi-cstr-check-utf8
aapoalas Jul 27, 2022
cb95e7e
Merge branch 'main' into fix-ext-ffi-cstr-check-utf8
aapoalas Jul 27, 2022
a288b5b
Add test
aapoalas Jul 27, 2022
1421bd2
Make error a bit more visible
aapoalas Jul 27, 2022
195e685
Update ext/ffi/lib.rs
aapoalas Jul 28, 2022
bbd622c
Merge branch 'main' into fix-ext-ffi-cstr-check-utf8
aapoalas Jul 28, 2022
da69f91
fmt
aapoalas Jul 28, 2022
5c14b24
Merge branch 'main' into fix-ext-ffi-cstr-check-utf8
aapoalas Jul 28, 2022
965818d
Merge branch 'main' into fix-ext-ffi-cstr-check-utf8
aapoalas Jul 29, 2022
c6fe889
Merge branch 'main' into fix-ext-ffi-cstr-check-utf8
aapoalas Jul 30, 2022
696325d
Merge branch 'main' into fix-ext-ffi-cstr-check-utf8
aapoalas Jul 31, 2022
28d7e0a
Merge branch 'main' into fix-ext-ffi-cstr-check-utf8
aapoalas Aug 5, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 8 additions & 7 deletions ext/ffi/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2187,13 +2187,14 @@ where
permissions.check(None)?;

// SAFETY: Pointer is user provided.
let cstr = unsafe { CStr::from_ptr(ptr as *const c_char) }.to_bytes();
let value: v8::Local<v8::Value> =
v8::String::new_from_utf8(scope, cstr, v8::NewStringType::Normal)
.ok_or_else(|| {
type_error("Invalid CString pointer, string exceeds max length")
})?
.into();
let cstr = unsafe { CStr::from_ptr(ptr as *const c_char) }
.to_str()
.map_err(|_| type_error("Invalid CString pointer, not valid UTF-8"))?;
let value: v8::Local<v8::Value> = v8::String::new(scope, cstr)
.ok_or_else(|| {
type_error("Invalid CString pointer, string exceeds max length")
})?
.into();
Ok(value.into())
}

Expand Down
7 changes: 7 additions & 0 deletions test_ffi/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -411,3 +411,10 @@ static STRING: &str = "Hello, world!\0";
extern "C" fn ffi_string() -> *const u8 {
STRING.as_ptr()
}

/// Invalid UTF-8 characters, array of length 14
#[no_mangle]
pub static static_char: [u8; 14] = [
0xC0, 0xC1, 0xF5, 0xF6, 0xF7, 0xF8, 0xF9, 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF,
0x00,
];
24 changes: 24 additions & 0 deletions test_ffi/tests/test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@

// Run using cargo test or `--v8-options=--allow-natives-syntax`

import { assertEquals } from "https://deno.land/[email protected]/testing/asserts.ts";
import {
assertThrows,
} from "../../test_util/std/testing/asserts.ts";
Expand Down Expand Up @@ -186,6 +187,12 @@ const dylib = Deno.dlopen(libPath, {
"static_ptr": {
type: "pointer",
},
/**
* Invalid UTF-8 characters, buffer of length 14
*/
"static_char": {
type: "pointer",
},
});
const { symbols } = dylib;

Expand Down Expand Up @@ -478,6 +485,23 @@ uint32Array[0] = 55; // MUTATES!
console.log("uint32Array[0] after mutation:", uint32Array[0]);
console.log("Static ptr value after mutation:", view.getUint32());

// Test non-UTF-8 characters

const charView = new Deno.UnsafePointerView(dylib.symbols.static_char);

const charArrayBuffer = charView.getArrayBuffer(14);
const uint8Array = new Uint8Array(charArrayBuffer);
assertEquals([...uint8Array], [
0xC0, 0xC1, 0xF5, 0xF6, 0xF7, 0xF8, 0xF9, 0xFA, 0xFB, 0xFC, 0xFD, 0xFE, 0xFF,
0x00
]);

try {
assertThrows(() => charView.getCString(), TypeError, "Invalid CString pointer, not valid UTF-8");
} catch (_err) {
console.log("Invalid UTF-8 characters to `v8::String`:", charView.getCString());
aapoalas marked this conversation as resolved.
Show resolved Hide resolved
}

(function cleanup() {
dylib.close();
throwCallback.close();
Expand Down