From 2d3767b3061820d03e5c9d9dbbe364f653a182f7 Mon Sep 17 00:00:00 2001 From: lphwork Date: Fri, 17 Nov 2023 07:46:43 +0000 Subject: [PATCH 01/15] verifier register index of abc file,add arg_num judgement,add test case,modify comment,modify build.gn,modify register verifier method,remove extra blank line,modify function name Signed-off-by: lphwork --- verifier/BUILD.gn | 6 +- verifier/tests/BUILD.gn | 2 + verifier/tests/js/test_register_index.js | 38 +++++++ verifier/tests/verify_register_index_test.cpp | 102 ++++++++++++++++++ verifier/verifier.cpp | 40 +++++++ verifier/verifier.h | 1 + 6 files changed, 188 insertions(+), 1 deletion(-) create mode 100644 verifier/tests/js/test_register_index.js create mode 100644 verifier/tests/verify_register_index_test.cpp diff --git a/verifier/BUILD.gn b/verifier/BUILD.gn index 65b39beb34..66ba0eab2a 100755 --- a/verifier/BUILD.gn +++ b/verifier/BUILD.gn @@ -32,7 +32,11 @@ arkverifier_configs = [ ohos_executable("ark_verifier") { sources = arkverifier_sources - deps = [ "$ark_root/libpandafile:libarkfile_static" ] + deps = [ + "$ark_root/libpandafile:libarkfile_static", + "$ark_root/libziparchive:libarkziparchive_static", + sdk_libc_secshared_dep, + ] configs = arkverifier_configs diff --git a/verifier/tests/BUILD.gn b/verifier/tests/BUILD.gn index c1b5fbd571..b5b2650ec9 100755 --- a/verifier/tests/BUILD.gn +++ b/verifier/tests/BUILD.gn @@ -31,6 +31,7 @@ verifier_test_deps = [ verifier_test_js_files = [ "test_checksum", "test_constant_pool", + "test_register_index", ] test_js_path = "//arkcompiler/runtime_core/verifier/tests/js/" @@ -55,6 +56,7 @@ host_unittest_action("VerifierTest") { "utils.cpp", "verify_checksum_test.cpp", "verify_constant_pool_tests.cpp", + "verify_register_index_test.cpp", ] include_dirs = [ "$ark_root/verifier" ] diff --git a/verifier/tests/js/test_register_index.js b/verifier/tests/js/test_register_index.js new file mode 100644 index 0000000000..3f61ed7074 --- /dev/null 
+++ b/verifier/tests/js/test_register_index.js
@@ -0,0 +1,38 @@
+/*
+ Copyright (c) 2023 Huawei Device Co., Ltd.
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ *
+ http://www.apache.org/licenses/LICENSE-2.0
+ *
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ */
+
+let c = dddd;
+function setValue() {
+ let b = a;
+ return b;
+}
+
+class Teacher {
+ constructor(name, pay) {
+ this.name = name;
+ this.pay = pay;
+ }
+}
+
+let stu = new Teacher('zhangsansan', 15000);
+console.log(stu.pay);
+
+let arr = [1, 2, 3];
+console.log(arr);
+
+let o = {
+ color: 'red'
+};
+console.log(o);
\ No newline at end of file
diff --git a/verifier/tests/verify_register_index_test.cpp b/verifier/tests/verify_register_index_test.cpp
new file mode 100644
index 0000000000..644a064b2d
--- /dev/null
+++ b/verifier/tests/verify_register_index_test.cpp
@@ -0,0 +1,102 @@
+/*
+ * Copyright (c) 2023 Huawei Device Co., Ltd.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "verifier.h"
+
+#include
+#include
+#include
+#include
+
+#include "file.h"
+#include "utils/logger.h"
+#include "code_data_accessor-inl.h"
+#include "method_data_accessor-inl.h"
+
+using namespace testing::ext;
+namespace panda::verifier {
+class VerifierRegisterTest : public testing::Test {
+public:
+ static void SetUpTestCase(void) {};
+ static void TearDownTestCase(void) {};
+ void SetUp() {};
+ void TearDown() {};
+
+ void GenerateModifiedAbc(const std::vector &buffer, const std::string &filename) {
+ std::ofstream abc_file(filename, std::ios::out | std::ios::binary);
+ if (!abc_file.is_open()) {
+ LOG(ERROR, VERIFIER) << "Failed to open file " << filename;
+ EXPECT_TRUE(abc_file.is_open());
+ }
+
+ abc_file.write(reinterpret_cast(buffer.data()), buffer.size());
+ abc_file.close();
+ }
+};
+
+/**
+* @tc.name: verifier_test_001
+* @tc.desc: Verify the abc file register index function.
+* @tc.type: FUNC
+* @tc.require: file path and name
+*/
+HWTEST_F(VerifierRegisterTest, verifier_register_001, TestSize.Level1)
+{
+ const std::string file_name = GRAPH_TEST_ABC_DIR "test_register_index.abc";
+ panda::verifier::Verifier ver {file_name};
+ EXPECT_TRUE(ver.VerifyRegisterIndex());
+}
+
+/**
+* @tc.name: verifier_test_002
+* @tc.desc: Verify the modified abc file register index function.
+* @tc.type: FUNC
+* @tc.require: file path and name
+*/
+HWTEST_F(VerifierRegisterTest, verifier_register_002, TestSize.Level1)
+{
+ const std::string base_file_name = GRAPH_TEST_ABC_DIR "test_register_index.abc";
+ {
+ panda::verifier::Verifier ver {base_file_name};
+ EXPECT_TRUE(ver.VerifyRegisterIndex());
+ }
+ // the new register index in the abc file
+ const uint8_t new_reg_id = 0x09;
+
+ std::ifstream base_file(base_file_name, std::ios::binary);
+ if (!base_file.is_open()) {
+ LOG(ERROR, VERIFIER) << "Failed to open file " << base_file_name;
+ EXPECT_TRUE(base_file.is_open());
+ }
+ std::vector buffer(std::istreambuf_iterator(base_file), {});
+ // the known opcode in the abc file
+ const std::vector op_v8 = {0x60, 0x03};
+
+ for (size_t i = 0; i < buffer.size() - 2; i++) {
+ if (buffer[i] == op_v8[0] && buffer[i+1] == op_v8[1]) {
+ buffer[i + 1] = static_cast(new_reg_id);
+ }
+ }
+
+ const std::string tar_file_name = GRAPH_TEST_ABC_DIR "verifier_register_002.abc";
+ GenerateModifiedAbc(buffer, tar_file_name);
+ base_file.close();
+
+ {
+ panda::verifier::Verifier ver {tar_file_name};
+ EXPECT_FALSE(ver.VerifyRegisterIndex());
+ }
+}
+}
diff --git a/verifier/verifier.cpp b/verifier/verifier.cpp
index 2c70c4dad5..d525176e95 100644
--- a/verifier/verifier.cpp
+++ b/verifier/verifier.cpp
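Review bot: In verifier_register_002 the patch loop `for (size_t i = 0; i < buffer.size() - 2; i++)` wraps around when the buffer holds fewer than two bytes, which is the case when `base_file` failed to open, because `EXPECT_TRUE(base_file.is_open())` only records the failure and lets the test run on. Use `ASSERT_TRUE(base_file.is_open());` and bound the loop as `i + 1 < buffer.size()`. The loop also rewrites every `0x60 0x03` byte pair anywhere in the file, not only inside a method's code, so the negative case can pass for a reason other than the register check. Counting the replacements and asserting the count is non-zero would at least show that the fixture still contains the instruction the test depends on.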
@@ -39,7 +39,43 @@ bool Verifier::Verify() if (!VerifyConstantPool()) { return false; } + + if (!VerifyRegisterIndex()) { + return false; + } + + return true; +} + +bool Verifier::VerifyRegisterIndex() +{ + if (file_ == nullptr) { + return false; + } + GetMethodIds(); + for (const auto &method_id : method_ids_) { + panda_file::MethodDataAccessor method_accessor {*file_, method_id}; + if (!method_accessor.GetCodeId().has_value()) { + continue; + } + panda_file::CodeDataAccessor code_data(*file_, method_accessor.GetCodeId().value()); + const auto reg_nums = code_data.GetNumVregs(); + const auto arg_nums = code_data.GetNumArgs(); + auto bc_ins = BytecodeInstruction(code_data.GetInstructions()); + const auto bc_ins_last = bc_ins.JumpTo(code_data.GetCodeSize()); + ASSERT(arg_nums >= 3); + while (bc_ins.GetAddress() < bc_ins_last.GetAddress()) { + const uint32_t reg_idx = static_cast(bc_ins.GetVReg()); + if (reg_idx >= (reg_nums + arg_nums)) { + LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex + << bc_ins.GetVReg() << ")" << std::endl; + return false; + } + bc_ins = bc_ins.GetNext(); + } + + } return true; } @@ -71,6 +107,10 @@ bool Verifier::VerifyConstantPool() void Verifier::GetMethodIds() { + if (method_ids_.size() != 0) { + return; + } + auto index_headers = file_->GetIndexHeaders(); for (const auto &header : index_headers) { auto method_index = file_->GetMethodIndex(&header); diff --git a/verifier/verifier.h b/verifier/verifier.h index 058e07bf83..58d9d72385 100644 --- a/verifier/verifier.h +++ b/verifier/verifier.h @@ -28,6 +28,7 @@ public: ~Verifier() = default; bool Verify(); + bool VerifyRegisterIndex(); bool VerifyChecksum(); bool VerifyConstantPool(); -- Gitee From 1cbe03ee4fedc41e827d9be7fb799f1527b3f775 Mon Sep 17 00:00:00 2001 From: lphwork Date: Tue, 28 Nov 2023 11:06:46 +0000 Subject: [PATCH 02/15] update verifier/tests/verify_register_index_test.cpp. 
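Review bot: `ASSERT(arg_nums >= 3)` in VerifyRegisterIndex checks a value that comes from the file being verified, so a malformed file either aborts the verifier or, if ASSERT expands to nothing in release builds (not visible here), goes through without any check. Since the purpose of this function is to reject bad input, the condition should be an ordinary failure path: `if (arg_nums < 3) { LOG(ERROR, VERIFIER) << "invalid argument count"; return false; }`. Patch 09 replaces the literal with `DEFAULT_ARGUMENT_NUMBER` but keeps the ASSERT, so the same applies to that hunk.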
Signed-off-by: lphwork --- verifier/BUILD.gn | 6 +-- verifier/tests/verify_register_index_test.cpp | 21 +++-------- verifier/verifier.cpp | 37 +++++++++++++++++-- verifier/verifier.h | 1 + 4 files changed, 41 insertions(+), 24 deletions(-) diff --git a/verifier/BUILD.gn b/verifier/BUILD.gn index 66ba0eab2a..65b39beb34 100755 --- a/verifier/BUILD.gn +++ b/verifier/BUILD.gn @@ -32,11 +32,7 @@ arkverifier_configs = [ ohos_executable("ark_verifier") { sources = arkverifier_sources - deps = [ - "$ark_root/libpandafile:libarkfile_static", - "$ark_root/libziparchive:libarkziparchive_static", - sdk_libc_secshared_dep, - ] + deps = [ "$ark_root/libpandafile:libarkfile_static" ] configs = arkverifier_configs diff --git a/verifier/tests/verify_register_index_test.cpp b/verifier/tests/verify_register_index_test.cpp index 644a064b2d..7d06855208 100644 --- a/verifier/tests/verify_register_index_test.cpp +++ b/verifier/tests/verify_register_index_test.cpp @@ -14,6 +14,7 @@ */ #include "verifier.h" +#include "utils.h" #include #include @@ -26,6 +27,7 @@ #include "method_data_accessor-inl.h" using namespace testing::ext; + namespace panda::verifier { class VerifierRegisterTest : public testing::Test { public: @@ -33,17 +35,6 @@ public: static void TearDownTestCase(void) {}; void SetUp() {}; void TearDown() {}; - - void GenerateModifiedAbc(const std::vector &buffer, const std::string &filename) { - std::ofstream abc_file(filename, std::ios::out | std::ios::binary); - if (!abc_file.is_open()) { - LOG(ERROR, VERIFIER) << "Failed to open file " << filename; - EXPECT_TRUE(abc_file.is_open()); - } - - abc_file.write(reinterpret_cast(buffer.data()), buffer.size()); - abc_file.close(); - } }; /** 
@@ -81,11 +72,11 @@ HWTEST_F(VerifierRegisterTest, verifier_register_002, TestSize.Level1) EXPECT_TRUE(base_file.is_open()); } std::vector buffer(std::istreambuf_iterator(base_file), {}); - // the known opcode in the abc file - const std::vector op_v8 = {0x60, 0x03}; + // the known instruction which contains register index in the abc file + const std::vector op_code = {0x60, 0x03}; for (size_t i = 0; i < buffer.size() - 2; i++) { - if (buffer[i] == op_v8[0] && buffer[i+1] == op_v8[1]) { + if (buffer[i] == op_code[0] && buffer[i+1] == op_code[1]) { buffer[i + 1] = static_cast(new_reg_id); } } @@ -99,4 +90,4 @@ HWTEST_F(VerifierRegisterTest, verifier_register_002, TestSize.Level1) EXPECT_FALSE(ver.VerifyRegisterIndex()); } } -} +} // namespace panda::verifier diff --git a/verifier/verifier.cpp b/verifier/verifier.cpp index d525176e95..3f412b4bc6 100644 --- a/verifier/verifier.cpp +++ b/verifier/verifier.cpp @@ -47,12 +47,28 @@ bool Verifier::Verify() return true; } +uint32_t Verifier::GetRegIdxBaseOnRegType(const BytecodeInstruction &bc_ins, size_t reg_type) +{ + uint32_t reg_idx = 0; + + if (bc_ins.HasVReg(bc_ins.GetFormat(), reg_type)) { + reg_idx = static_cast(bc_ins.GetVReg(reg_type)); + } + + return reg_idx; +} + bool Verifier::VerifyRegisterIndex() { if (file_ == nullptr) { return false; } + const size_t reg_type0 = 0; + const size_t reg_type1 = 1; + const size_t reg_type2 = 2; + const size_t reg_type3 = 3; + GetMethodIds(); for (const auto &method_id : method_ids_) { panda_file::MethodDataAccessor method_accessor {*file_, method_id}; 
@@ -66,15 +82,28 @@ bool Verifier::VerifyRegisterIndex() const auto bc_ins_last = bc_ins.JumpTo(code_data.GetCodeSize()); ASSERT(arg_nums >= 3); while (bc_ins.GetAddress() < bc_ins_last.GetAddress()) { - const uint32_t reg_idx = static_cast(bc_ins.GetVReg()); - if (reg_idx >= (reg_nums + arg_nums)) { + if (GetRegIdxBaseOnRegType(bc_ins, reg_type0) >= (reg_nums + arg_nums)) { + LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex + << bc_ins.GetVReg(reg_type0) << ")" << std::endl; + return false; + } + if (GetRegIdxBaseOnRegType(bc_ins, reg_type1) >= (reg_nums + arg_nums)) { + LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex + << bc_ins.GetVReg(reg_type1) << ")" << std::endl; + return false; + } + if (GetRegIdxBaseOnRegType(bc_ins, reg_type2) >= (reg_nums + arg_nums)) { + LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex + << bc_ins.GetVReg(reg_type2) << ")" << std::endl; + return false; + } + if (GetRegIdxBaseOnRegType(bc_ins, reg_type3) >= (reg_nums + arg_nums)) { LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex - << bc_ins.GetVReg() << ")" << std::endl; + << bc_ins.GetVReg(reg_type3) << ")" << std::endl; return false; } bc_ins = bc_ins.GetNext(); } - } return true; } diff --git a/verifier/verifier.h b/verifier/verifier.h index 58d9d72385..93c219bedd 100644 --- a/verifier/verifier.h +++ b/verifier/verifier.h @@ -41,6 +41,7 @@ private: size_t idx); bool VerifyStringId(const BytecodeInstruction &bc_ins, const panda_file::File::EntityId &method_id); bool CheckConstantPoolInfo(const panda_file::File::EntityId &method_id); + uint32_t GetRegIdxBaseOnRegType(const BytecodeInstruction &bc_ins, size_t reg_type); std::unique_ptr file_; std::vector method_ids_; -- Gitee From a3ddcbf0284cd4cb194a89bb0b8468ef829dc835 Mon Sep 17 00:00:00 2001 
From: OneYuan Date: Thu, 30 Nov 2023 13:48:33 +0000 Subject: [PATCH 03/15] update verifier/verifier.cpp. multiple register senario support Signed-off-by: OneYuan --- verifier/verifier.cpp | 108 +++++++++++++++++++++--------------------- 1 file changed, 54 insertions(+), 54 deletions(-) diff --git a/verifier/verifier.cpp b/verifier/verifier.cpp index 3f412b4bc6..6b1be249a8 100644 --- a/verifier/verifier.cpp +++ b/verifier/verifier.cpp @@ -47,15 +47,30 @@ bool Verifier::Verify() return true; } -uint32_t Verifier::GetRegIdxBaseOnRegType(const BytecodeInstruction &bc_ins, size_t reg_type) +bool Verifier::VerifyChecksum() { - uint32_t reg_idx = 0; + if (file_ == nullptr) { + return false; + } + uint32_t file_size = file_->GetHeader()->file_size; + ASSERT(file_size > FILE_CONTENT_OFFSET); + uint32_t cal_checksum = adler32(1, file_->GetBase() + FILE_CONTENT_OFFSET, file_size - FILE_CONTENT_OFFSET); + return file_->GetHeader()->checksum == cal_checksum; +} + +bool Verifier::VerifyConstantPool() +{ + if (file_ == nullptr) { + return false; + } - if (bc_ins.HasVReg(bc_ins.GetFormat(), reg_type)) { - reg_idx = static_cast(bc_ins.GetVReg(reg_type)); + GetMethodIds(); + GetLiteralIds(); + if (!CheckConstantPool()) { + return false; } - return reg_idx; + return true; } bool Verifier::VerifyRegisterIndex() @@ -64,11 +79,6 @@ bool Verifier::VerifyRegisterIndex() return false; } - const size_t reg_type0 = 0; - const size_t reg_type1 = 1; - const size_t reg_type2 = 2; - const size_t reg_type3 = 3; - GetMethodIds(); for (const auto &method_id : method_ids_) { panda_file::MethodDataAccessor method_accessor {*file_, method_id}; 
@@ -82,25 +92,18 @@ bool Verifier::VerifyRegisterIndex() const auto bc_ins_last = bc_ins.JumpTo(code_data.GetCodeSize()); ASSERT(arg_nums >= 3); while (bc_ins.GetAddress() < bc_ins_last.GetAddress()) { - if (GetRegIdxBaseOnRegType(bc_ins, reg_type0) >= (reg_nums + arg_nums)) { - LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex - << bc_ins.GetVReg(reg_type0) << ")" << std::endl; - return false; + size_t count = GetVRegCount(bc_ins); + if (count == 0) { // Skip instructions that do not use registers + bc_ins = bc_ins.GetNext(); + continue; } - if (GetRegIdxBaseOnRegType(bc_ins, reg_type1) >= (reg_nums + arg_nums)) { - LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex - << bc_ins.GetVReg(reg_type1) << ")" << std::endl; - return false; - } - if (GetRegIdxBaseOnRegType(bc_ins, reg_type2) >= (reg_nums + arg_nums)) { - LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex - << bc_ins.GetVReg(reg_type2) << ")" << std::endl; - return false; - } - if (GetRegIdxBaseOnRegType(bc_ins, reg_type3) >= (reg_nums + arg_nums)) { - LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex - << bc_ins.GetVReg(reg_type3) << ")" << std::endl; - return false; + for (size_t idx = 0; idx < count; idx++) { // Represents the idxTH register index in an instruction + uint16_t reg_idx = bc_ins.GetVReg(idx); + if (reg_idx >= (reg_nums + arg_nums)) { + LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex + << reg_idx << ")" << std::endl; + return false; + } } bc_ins = bc_ins.GetNext(); } 
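Review bot: The instruction walk in VerifyRegisterIndex takes its bounds from the file itself: `bc_ins_last` is derived from `code_data.GetCodeSize()` and each step is `bc_ins.GetNext()`, and nothing in the visible lines checks that the instruction being decoded ends at or before `bc_ins_last`. If the last opcode's operands extend past the code region, `bc_ins.GetVReg(idx)` would presumably read bytes outside it; BytecodeInstruction is not shown, so this needs confirming against its implementation. A guard before the operand reads would close it: `if (bc_ins.GetNext().GetAddress() > bc_ins_last.GetAddress()) { return false; }`. The function body starts and ends outside this hunk.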
@@ -108,32 +111,6 @@ bool Verifier::VerifyRegisterIndex() return true; } -bool Verifier::VerifyChecksum() -{ - if (file_ == nullptr) { - return false; - } - uint32_t file_size = file_->GetHeader()->file_size; - ASSERT(file_size > FILE_CONTENT_OFFSET); - uint32_t cal_checksum = adler32(1, file_->GetBase() + FILE_CONTENT_OFFSET, file_size - FILE_CONTENT_OFFSET); - return file_->GetHeader()->checksum == cal_checksum; -} - -bool Verifier::VerifyConstantPool() -{ - if (file_ == nullptr) { - return false; - } - - GetMethodIds(); - GetLiteralIds(); - if (!CheckConstantPool()) { - return false; - } - - return true; -} - void Verifier::GetMethodIds() { if (method_ids_.size() != 0) { @@ -225,6 +202,29 @@ bool Verifier::VerifyStringId(const BytecodeInstruction &bc_ins, const panda_fil return true; } +size_t Verifier::GetVRegCount (const BytecodeInstruction &bc_ins) +{ + size_t idx = 0; // Represents the idxTH register index in an instruction + size_t count = 0; + BytecodeInstruction::Format format = bc_ins.GetFormat(); + if (bc_ins.HasVReg(format, idx)) { + count = 1; + idx++; + } + if (bc_ins.HasVReg(format, idx)) { + count = 2; + idx++; + } + if (bc_ins.HasVReg(format, idx)) { + count = 3; + idx++; + } + if (bc_ins.HasVReg(format, idx)) { + count = 4; + } + return count; +} + bool Verifier::CheckConstantPoolInfo(const panda_file::File::EntityId &method_id) { panda_file::MethodDataAccessor method_accessor(*file_, method_id); -- Gitee From b961b74faff4bd1b3993ac5e495c97faf73c3c01 Mon Sep 17 00:00:00 2001 From: OneYuan Date: Thu, 30 Nov 2023 13:50:15 +0000 Subject: [PATCH 04/15] update verifier/verifier.h. multiple register senario support Signed-off-by: OneYuan --- verifier/verifier.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/verifier/verifier.h b/verifier/verifier.h index 93c219bedd..5f434d5b71 100644 --- a/verifier/verifier.h +++ b/verifier/verifier.h 
@@ -28,20 +28,20 @@ public: ~Verifier() = default; bool Verify(); - bool VerifyRegisterIndex(); bool VerifyChecksum(); bool VerifyConstantPool(); + bool VerifyRegisterIndex(); private: void GetMethodIds(); void GetLiteralIds(); bool CheckConstantPool(); + size_t GetVRegCount(const BytecodeInstruction &bc_ins); bool VerifyMethodId(const BytecodeInstruction &bc_ins, const panda_file::File::EntityId &method_id); bool VerifyLiteralId(const BytecodeInstruction &bc_ins, const panda_file::File::EntityId &method_id, size_t idx); bool VerifyStringId(const BytecodeInstruction &bc_ins, const panda_file::File::EntityId &method_id); bool CheckConstantPoolInfo(const panda_file::File::EntityId &method_id); - uint32_t GetRegIdxBaseOnRegType(const BytecodeInstruction &bc_ins, size_t reg_type); std::unique_ptr file_; std::vector method_ids_; -- Gitee From daf713a6393d03770711497927e4e9b1c294c588 Mon Sep 17 00:00:00 2001 From: lphwork Date: Fri, 1 Dec 2023 01:28:04 +0000 Subject: [PATCH 05/15] update verifier/verifier.cpp. Signed-off-by: lphwork --- verifier/verifier.cpp | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) diff --git a/verifier/verifier.cpp b/verifier/verifier.cpp index 6b1be249a8..6bc12d5802 100644 --- a/verifier/verifier.cpp +++ b/verifier/verifier.cpp 
@@ -202,25 +202,14 @@ bool Verifier::VerifyStringId(const BytecodeInstruction &bc_ins, const panda_fil return true; } -size_t Verifier::GetVRegCount (const BytecodeInstruction &bc_ins) +size_t Verifier::GetVRegCount(const BytecodeInstruction &bc_ins) { size_t idx = 0; // Represents the idxTH register index in an instruction size_t count = 0; BytecodeInstruction::Format format = bc_ins.GetFormat(); - if (bc_ins.HasVReg(format, idx)) { - count = 1; + while (bc_ins.HasVReg(format, idx)) { idx++; - } - if (bc_ins.HasVReg(format, idx)) { - count = 2; - idx++; - } - if (bc_ins.HasVReg(format, idx)) { - count = 3; - idx++; - } - if (bc_ins.HasVReg(format, idx)) { - count = 4; + count = idx; } return count; } -- Gitee From 80587328cc6b22b1df8c0e1fc7f359b6bddf12fc Mon Sep 17 00:00:00 2001 From: lphwork Date: Fri, 1 Dec 2023 01:41:14 +0000 Subject: [PATCH 06/15] update verifier/verifier.cpp. Signed-off-by: lphwork --- verifier/verifier.cpp | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/verifier/verifier.cpp b/verifier/verifier.cpp index 6bc12d5802..7ec454bff6 100644 --- a/verifier/verifier.cpp +++ b/verifier/verifier.cpp @@ -97,14 +97,7 @@ bool Verifier::VerifyRegisterIndex() bc_ins = bc_ins.GetNext(); continue; } - for (size_t idx = 0; idx < count; idx++) { // Represents the idxTH register index in an instruction - uint16_t reg_idx = bc_ins.GetVReg(idx); - if (reg_idx >= (reg_nums + arg_nums)) { - LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex - << reg_idx << ")" << std::endl; - return false; - } - } + CheckVRegIdx(bc_ins, count, max_reg_idx); bc_ins = bc_ins.GetNext(); } } 
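Review bot: The `while (bc_ins.HasVReg(format, idx))` loop in GetVRegCount has no upper bound of its own and depends on HasVReg returning false for every index past the format's last register. Whether HasVReg is defined for an arbitrary `idx` is not visible here; if it indexes a per-format table, an out-of-range `idx` would be undefined behaviour. An explicit cap states the contract, for example `while (idx < MAX_VREG_OPERANDS && bc_ins.HasVReg(format, idx))`, where `MAX_VREG_OPERANDS` is a suggested name for a new constant declared next to `FILE_CONTENT_OFFSET`.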
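Review bot: The result of `CheckVRegIdx(bc_ins, count, max_reg_idx);` is discarded in this hunk, so at this commit an out-of-range register is logged while VerifyRegisterIndex still returns true, and `max_reg_idx` has no declaration in the lines shown for the function. Patches 09 and 11 later add `if (!CheckVRegIdx(bc_ins, count, max_reg_idx)) { return false; }` and the declaration, and patch 13 adds the missing `Verifier::` qualifier on the definition. The end state is sound, but a bisect or cherry-pick that stops here gets a verifier that accepts what it should reject. Squashing 06, 09, 11 and 13 into one commit would keep every revision in history correct.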
@@ -214,6 +207,19 @@ size_t Verifier::GetVRegCount(const BytecodeInstruction &bc_ins) return count; } +bool CheckVRegIdx(const BytecodeInstruction &bc_ins, size_t count, uint32_t max_reg_idx) +{ + for (size_t idx = 0; idx < count; idx++) { // Represents the idxTH register index in an instruction + uint16_t reg_idx = bc_ins.GetVReg(idx); + if (reg_idx >= max_reg_idx) { + LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex + << reg_idx << ")" << std::endl; + return false; + } + } + return true; +} + bool Verifier::CheckConstantPoolInfo(const panda_file::File::EntityId &method_id) { panda_file::MethodDataAccessor method_accessor(*file_, method_id); -- Gitee From d60e10e0594f969bc7d99bf335dcca1a7cd77cbf Mon Sep 17 00:00:00 2001 From: lphwork Date: Fri, 1 Dec 2023 01:41:48 +0000 Subject: [PATCH 07/15] update verifier/verifier.h. Signed-off-by: lphwork --- verifier/verifier.h | 1 + 1 file changed, 1 insertion(+) diff --git a/verifier/verifier.h b/verifier/verifier.h index 5f434d5b71..b4df3ee8eb 100644 --- a/verifier/verifier.h +++ b/verifier/verifier.h @@ -37,6 +37,7 @@ private: void GetLiteralIds(); bool CheckConstantPool(); size_t GetVRegCount(const BytecodeInstruction &bc_ins); + bool CheckVRegIdx(const BytecodeInstruction &bc_ins, size_t count, uint32_t max_reg_idx); bool VerifyMethodId(const BytecodeInstruction &bc_ins, const panda_file::File::EntityId &method_id); bool VerifyLiteralId(const BytecodeInstruction &bc_ins, const panda_file::File::EntityId &method_id, size_t idx); -- Gitee From f4ba4985a85802a5c0178454b6cf14eb896400e9 Mon Sep 17 00:00:00 2001 From: lphwork Date: Fri, 1 Dec 2023 01:44:48 +0000 Subject: [PATCH 08/15] update verifier/verifier.cpp. Signed-off-by: lphwork --- verifier/verifier.cpp | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/verifier/verifier.cpp b/verifier/verifier.cpp index 7ec454bff6..6fee9d05a4 100644 --- a/verifier/verifier.cpp +++ b/verifier/verifier.cpp 
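Review bot: In CheckVRegIdx, `uint16_t reg_idx = bc_ins.GetVReg(idx);` narrows the operand before it is compared with `max_reg_idx`; if GetVReg can return more than 16 bits (its return type is not shown), a large index would be truncated into range and accepted. Declaring it as `const uint32_t reg_idx = bc_ins.GetVReg(idx);` keeps the comparison on the full value. The rejection message would also be more useful for triage if it printed the limit, e.g. `<< reg_idx << "), limit is (0x" << max_reg_idx << ")"`.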
@@ -198,13 +198,11 @@ bool Verifier::VerifyStringId(const BytecodeInstruction &bc_ins, const panda_fil size_t Verifier::GetVRegCount(const BytecodeInstruction &bc_ins) { size_t idx = 0; // Represents the idxTH register index in an instruction - size_t count = 0; BytecodeInstruction::Format format = bc_ins.GetFormat(); while (bc_ins.HasVReg(format, idx)) { idx++; - count = idx; } - return count; + return idx; } bool CheckVRegIdx(const BytecodeInstruction &bc_ins, size_t count, uint32_t max_reg_idx) -- Gitee From 31d6ff3363613039daf8f406e2d055e1dd8095f7 Mon Sep 17 00:00:00 2001 From: lphwork Date: Fri, 1 Dec 2023 01:55:30 +0000 Subject: [PATCH 09/15] update verifier/verifier.cpp. Signed-off-by: lphwork --- verifier/verifier.cpp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/verifier/verifier.cpp b/verifier/verifier.cpp index 6fee9d05a4..7135272ff0 100644 --- a/verifier/verifier.cpp +++ b/verifier/verifier.cpp @@ -90,14 +90,16 @@ bool Verifier::VerifyRegisterIndex() const auto arg_nums = code_data.GetNumArgs(); auto bc_ins = BytecodeInstruction(code_data.GetInstructions()); const auto bc_ins_last = bc_ins.JumpTo(code_data.GetCodeSize()); - ASSERT(arg_nums >= 3); + ASSERT(arg_nums >= DEFAULT_ARGUMENT_NUMBER); while (bc_ins.GetAddress() < bc_ins_last.GetAddress()) { size_t count = GetVRegCount(bc_ins); if (count == 0) { // Skip instructions that do not use registers bc_ins = bc_ins.GetNext(); continue; } - CheckVRegIdx(bc_ins, count, max_reg_idx); + if (!CheckVRegIdx(bc_ins, count, max_reg_idx)) { + return false; + } bc_ins = bc_ins.GetNext(); } } -- Gitee From 9ba81649e598fcc05d7f2a5f87bf73880ece324d Mon Sep 17 00:00:00 2001 From: lphwork Date: Fri, 1 Dec 2023 01:55:50 +0000 Subject: [PATCH 10/15] update verifier/verifier.h. Signed-off-by: lphwork --- verifier/verifier.h | 1 + 1 file changed, 1 insertion(+) diff --git a/verifier/verifier.h b/verifier/verifier.h index b4df3ee8eb..1dfe5ecf91 100644 --- a/verifier/verifier.h 
+++ b/verifier/verifier.h @@ -48,6 +48,7 @@ private: std::vector method_ids_; std::vector literal_ids_; + static constexpr size_t DEFAULT_ARGUMENT_NUMBER = 3; static constexpr uint32_t FILE_CONTENT_OFFSET = 12U; }; } // namespace panda::verifier -- Gitee From a0ae30cadde829d6f6f71f2a7774e0b85ac2d146 Mon Sep 17 00:00:00 2001 From: lphwork Date: Fri, 1 Dec 2023 02:10:11 +0000 Subject: [PATCH 11/15] update verifier/verifier.cpp. Signed-off-by: lphwork --- verifier/verifier.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/verifier/verifier.cpp b/verifier/verifier.cpp index 7135272ff0..f2dc219a05 100644 --- a/verifier/verifier.cpp +++ b/verifier/verifier.cpp @@ -86,8 +86,9 @@ bool Verifier::VerifyRegisterIndex() continue; } panda_file::CodeDataAccessor code_data(*file_, method_accessor.GetCodeId().value()); - const auto reg_nums = code_data.GetNumVregs(); - const auto arg_nums = code_data.GetNumArgs(); + uint32_t reg_nums = code_data.GetNumVregs(); + uint32_t arg_nums = code_data.GetNumArgs(); + uint32_t max_reg_idx = reg_nums + arg_nums; auto bc_ins = BytecodeInstruction(code_data.GetInstructions()); const auto bc_ins_last = bc_ins.JumpTo(code_data.GetCodeSize()); ASSERT(arg_nums >= DEFAULT_ARGUMENT_NUMBER); -- Gitee From a79316826fdefbc5e18e121338b273a4d4376d62 Mon Sep 17 00:00:00 2001 From: lphwork Date: Fri, 1 Dec 2023 02:18:47 +0000 Subject: [PATCH 12/15] update verifier/verifier.cpp. Signed-off-by: lphwork --- verifier/verifier.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/verifier/verifier.cpp b/verifier/verifier.cpp index f2dc219a05..149d130875 100644 --- a/verifier/verifier.cpp +++ b/verifier/verifier.cpp 
@@ -86,14 +86,14 @@ bool Verifier::VerifyRegisterIndex() continue; } panda_file::CodeDataAccessor code_data(*file_, method_accessor.GetCodeId().value()); - uint32_t reg_nums = code_data.GetNumVregs(); - uint32_t arg_nums = code_data.GetNumArgs(); - uint32_t max_reg_idx = reg_nums + arg_nums; + const uint32_t reg_nums = code_data.GetNumVregs(); + const uint32_t arg_nums = code_data.GetNumArgs(); + const uint32_t max_reg_idx = reg_nums + arg_nums; auto bc_ins = BytecodeInstruction(code_data.GetInstructions()); const auto bc_ins_last = bc_ins.JumpTo(code_data.GetCodeSize()); ASSERT(arg_nums >= DEFAULT_ARGUMENT_NUMBER); while (bc_ins.GetAddress() < bc_ins_last.GetAddress()) { - size_t count = GetVRegCount(bc_ins); + const size_t count = GetVRegCount(bc_ins); if (count == 0) { // Skip instructions that do not use registers bc_ins = bc_ins.GetNext(); continue; -- Gitee From 94661bcb2c30030226a86b64e4cb42d7ba089223 Mon Sep 17 00:00:00 2001 From: lphwork Date: Fri, 1 Dec 2023 02:21:28 +0000 Subject: [PATCH 13/15] update verifier/verifier.cpp. Signed-off-by: lphwork --- verifier/verifier.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/verifier/verifier.cpp b/verifier/verifier.cpp index 149d130875..4e7491ba32 100644 --- a/verifier/verifier.cpp +++ b/verifier/verifier.cpp @@ -208,7 +208,7 @@ size_t Verifier::GetVRegCount(const BytecodeInstruction &bc_ins) return idx; } -bool CheckVRegIdx(const BytecodeInstruction &bc_ins, size_t count, uint32_t max_reg_idx) +bool Verifier::CheckVRegIdx(const BytecodeInstruction &bc_ins, const size_t count, const uint32_t max_reg_idx) { for (size_t idx = 0; idx < count; idx++) { // Represents the idxTH register index in an instruction uint16_t reg_idx = bc_ins.GetVReg(idx); -- Gitee From 0ce329a67ac9af5470c885d625b6b7ae795e7e24 Mon Sep 17 00:00:00 2001 From: lphwork Date: Fri, 1 Dec 2023 02:22:19 +0000 Subject: [PATCH 14/15] update verifier/verifier.h. 
Signed-off-by: lphwork --- verifier/verifier.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/verifier/verifier.h b/verifier/verifier.h index 1dfe5ecf91..cc2385b005 100644 --- a/verifier/verifier.h +++ b/verifier/verifier.h @@ -37,7 +37,7 @@ private: void GetLiteralIds(); bool CheckConstantPool(); size_t GetVRegCount(const BytecodeInstruction &bc_ins); - bool CheckVRegIdx(const BytecodeInstruction &bc_ins, size_t count, uint32_t max_reg_idx); + bool CheckVRegIdx(const BytecodeInstruction &bc_ins, const size_t count, const uint32_t max_reg_idx); bool VerifyMethodId(const BytecodeInstruction &bc_ins, const panda_file::File::EntityId &method_id); bool VerifyLiteralId(const BytecodeInstruction &bc_ins, const panda_file::File::EntityId &method_id, size_t idx); -- Gitee From 192286870ba315fb05c8dc1dacd83ea740d948f4 Mon Sep 17 00:00:00 2001 From: lphwork Date: Fri, 1 Dec 2023 02:38:46 +0000 Subject: [PATCH 15/15] update verifier/verifier.cpp. Signed-off-by: lphwork --- verifier/verifier.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/verifier/verifier.cpp b/verifier/verifier.cpp index 4e7491ba32..981389d62f 100644 --- a/verifier/verifier.cpp +++ b/verifier/verifier.cpp @@ -214,7 +214,7 @@ bool Verifier::CheckVRegIdx(const BytecodeInstruction &bc_ins, const size_t coun uint16_t reg_idx = bc_ins.GetVReg(idx); if (reg_idx >= max_reg_idx) { LOG(ERROR, VERIFIER) << "register index out of bounds. register index is (0x" << std::hex - << reg_idx << ")" << std::endl; + << reg_idx << ")" << std::endl; return false; } } -- Gitee