authorWouter van Oortmerssen <aardappel@gmail.com>2021-12-14 11:20:15 -0800
committerWouter van Oortmerssen <aardappel@gmail.com>2021-12-14 11:20:23 -0800
commitd8b7041d7e111a0dc8b80f13c1df2fd35d32387d (patch)
treec2127afd088c9558fd477627af391c5c1f296644
parent5a0c3366c3192eb15b40624dfa7863983ffc7302 (diff)
Added alignment checking to FlexBuffers verifier
-rw-r--r--include/flatbuffers/flexbuffers.h10
1 files changed, 10 insertions, 0 deletions
diff --git a/include/flatbuffers/flexbuffers.h b/include/flatbuffers/flexbuffers.h
index b57e8ad2..89f3f308 100644
--- a/include/flatbuffers/flexbuffers.h
+++ b/include/flatbuffers/flexbuffers.h
@@ -1645,6 +1645,7 @@ class Verifier FLATBUFFERS_FINAL_CLASS {
// comes at the cost of using additional memory the same size of
// the buffer being verified, so it is by default off.
std::vector<uint8_t> *reuse_tracker = nullptr,
+ bool _check_alignment = true,
size_t max_depth = 64)
: buf_(buf),
size_(buf_len),
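Review bot: Inserting `bool _check_alignment = true` ahead of `size_t max_depth = 64` changes the meaning of the fourth positional argument for existing callers. A call that passed a depth limit there still compiles, but the integer now converts to `bool` and `max_depth` silently falls back to 64, so a caller who tightened the recursion bound for untrusted input loses that bound without any diagnostic. Appending the new parameter keeps existing call sites intact: `size_t max_depth = 64, bool check_alignment = true)`. Dropping the leading underscore would also match the neighbouring parameter names. The constructor's signature starts outside this hunk, so earlier parameters were not reviewed.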
@@ -1652,6 +1653,7 @@ class Verifier FLATBUFFERS_FINAL_CLASS {
max_depth_(max_depth),
num_vectors_(0),
max_vectors_(buf_len),
+ check_alignment_(_check_alignment),
reuse_tracker_(reuse_tracker) {
FLATBUFFERS_ASSERT(size_ < FLATBUFFERS_MAX_BUFFER_SIZE);
if (reuse_tracker_) {
@@ -1701,6 +1703,11 @@ class Verifier FLATBUFFERS_FINAL_CLASS {
off <= static_cast<uint64_t>(p - buf_);
}
+ bool VerifyAlignment(const uint8_t *p, size_t size) const {
+ auto o = static_cast<size_t>(p - buf_);
+ return Check((o & (size - 1)) == 0 || !check_alignment_);
+ }
+
// Macro, since we want to escape from parent function & use lazy args.
#define FLEX_CHECK_VERIFIED(P, PACKED_TYPE) \
if (reuse_tracker_) { \
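Review bot: VerifyAlignment tests the offset `p - buf_`, not the address of `p`, so a passing check only implies an aligned load when `buf_` itself is aligned to at least the widest scalar. Nothing visible in this hunk checks or documents that precondition. The mask `size - 1` is also only meaningful for a non-zero power of two. The one visible caller passes `r.byte_width_`, and whether that value is validated beforehand is not shown on this page. A comment on the helper would make both assumptions explicit, for example `// Alignment is measured relative to buf_; the caller must supply a buffer aligned to the largest byte width. size must be a power of two.`. If that guarantee cannot be assumed, the test could be made on the pointer value instead.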
@@ -1795,6 +1802,8 @@ class Verifier FLATBUFFERS_FINAL_CLASS {
if (!VerifyOffset(off, r.data_))
return false;
auto p = r.Indirect();
+ if (!VerifyAlignment(p, r.byte_width_))
+ return false;
switch (r.type_) {
case FBT_INDIRECT_INT:
case FBT_INDIRECT_UINT:
@@ -1862,6 +1871,7 @@ class Verifier FLATBUFFERS_FINAL_CLASS {
const size_t max_depth_;
size_t num_vectors_;
const size_t max_vectors_;
+ bool check_alignment_;
std::vector<uint8_t> *reuse_tracker_;
};
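Review bot: `check_alignment_` is declared non-const, while the neighbouring configuration members `max_depth_` and `max_vectors_` are `const`. In the lines shown it is written only in the constructor's initializer list, so `const bool check_alignment_;` would match the existing style and stop a later change from toggling the check mid-verification. The class body starts outside this hunk, so confirm that no other member assigns it.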