From: Jérémie Astor Date: Sun, 5 Sep 2021 19:15:38 +0000 (+0200) Subject: :art: Secure accesses X-Git-Tag: nightly~470^2~15 X-Git-Url: http://10.10.0.4:5575/?a=commitdiff_plain;h=0c227eb846738fdf062b9a33619ffc49732ce4d5;p=gwion.git :art: Secure accesses --- diff --git a/plug b/plug index 3c3ef7e9..1f6a5431 160000 --- a/plug +++ b/plug @@ -1 +1 @@ -Subproject commit 3c3ef7e94a1d508e871d2b6041e0522b57b54039 +Subproject commit 1f6a5431625621eb2619fd63cd2061aee9ea0022 diff --git a/src/emit/emit.c b/src/emit/emit.c index c8c80fee..95bf9944 100644 --- a/src/emit/emit.c +++ b/src/emit/emit.c @@ -458,6 +458,13 @@ ANN static m_bool emit_symbol_builtin(const Emitter emit, const Symbol *data) { const m_uint size = v->type->size; const Instr instr = emit_dotstatic(emit, size, exp_getvar(prim_exp(data))); instr->m_val = (m_uint)&v->d.ptr; + // prevent invalid access to global variables + if(!exp_getvar(exp_self(prim_self(data))) && + isa(v->type, emit->gwion->type[et_object]) > 0) { + const Instr instr = emit_add_instr(emit, GWOP_EXCEPT); + instr->m_val = -SZ_INT; + // use m_val2 to set some info? + } } else { const m_uint size = v->type->size; const Instr instr = emit_regpushimm(emit, size, exp_getvar(prim_exp(data))); diff --git a/src/lib/array.c b/src/lib/array.c index 9208f388..f1cd6fe4 100644 --- a/src/lib/array.c +++ b/src/lib/array.c @@ -310,6 +310,8 @@ ANN static void array_loop(const Emitter emit, const m_uint depth) { const Instr get = emit_add_instr(emit, ArrayGet); get->m_val = i * SZ_INT; get->m_val2 = -SZ_INT; + const Instr ex = emit_add_instr(emit, GWOP_EXCEPT); + ex->m_val = -SZ_INT; } const Instr post_pop = emit_add_instr(emit, RegMove); post_pop->m_val = -SZ_INT; @@ -318,12 +320,18 @@ ANN static void array_loop(const Emitter emit, const m_uint depth) { } ANN static void array_finish(const Emitter emit, const m_uint depth, - const m_uint size, const m_bool is_var) { + const Type t, const m_bool is_var) { const Instr get = emit_add_instr(emit, is_var ? ArrayAddr : ArrayGet); + // determine if we have an object here + if(!is_var) { + const m_uint _depth = get_depth(t); + if(_depth < depth || isa(array_base(t), emit->gwion->type[et_object]) > 0) + emit_add_instr(emit, GWOP_EXCEPT); + } get->m_val = depth * SZ_INT; // emit_add_instr(emit, ArrayValid); const Instr push = emit_add_instr(emit, RegMove); - push->m_val = is_var ? SZ_INT : size; + push->m_val = is_var ? SZ_INT : t->size; } ANN static inline m_bool array_do(const Emitter emit, const Array_Sub array, @@ -331,7 +339,7 @@ ANN static inline m_bool array_do(const Emitter emit, const Array_Sub array, // emit_gc(emit, -SZ_INT); CHECK_BB(emit_exp(emit, array->exp)); array_loop(emit, array->depth); - array_finish(emit, array->depth, array->type->size, is_var); + array_finish(emit, array->depth, array->type, is_var); return GW_OK; } diff --git a/src/lib/object_op.c b/src/lib/object_op.c index ed06cac7..04f92bde 100644 --- a/src/lib/object_op.c +++ b/src/lib/object_op.c @@ -258,7 +258,9 @@ OP_EMIT(opem_object_dot) { const Instr instr = emit_add_instr(emit, RegPushImm); instr->m_val = (m_uint)value->type; } - if (GET_FLAG(value, late) && !exp_getvar(exp_self(member))) { + if(isa(value->type, emit->gwion->type[et_object]) > 0 && + !exp_getvar(exp_self(member)) && + (GET_FLAG(value, static) || GET_FLAG(value, late))) { const Instr instr = emit_add_instr(emit, GWOP_EXCEPT); instr->m_val = -SZ_INT; } @@ -345,9 +347,10 @@ static OP_EMIT(opem_not_object) { const Vector v = &emit->code->instr; const Instr back = (Instr)vector_back(v); if (back->opcode == eGWOP_EXCEPT) { - vector_pop(v); - mp_free(emit->gwion->mp, Instr, back); - emit_add_instr(emit, IntNot); + back->opcode = eIntNot; +// vector_pop(v); +// mp_free(emit->gwion->mp, Instr, back); +// emit_add_instr(emit, IntNot); return GW_OK; } const Instr instr = emit_add_instr(emit, RegSetImm);