From d8ce92a439838c1f85698b5e5cce8fb7d25ccb7f Mon Sep 17 00:00:00 2001 From: bloodstalker Date: Fri, 5 Oct 2018 18:37:02 +0330 Subject: now supports size-bound reads --- main.py | 78 +++++++++++++++++++++++++-- resources/wasm.xml | 10 ++-- resources/wasm2.xml | 151 ++++++++++++++++++++++++++++++++++++++++++++++++++++ run.sh | 4 +- test/autowasm.c | 17 +++++- text.py | 25 ++++----- 6 files changed, 261 insertions(+), 24 deletions(-) create mode 100644 resources/wasm2.xml diff --git a/main.py b/main.py index 401325e..9b94cda 100755 --- a/main.py +++ b/main.py @@ -291,16 +291,31 @@ class CodeGen(object): pointer = str() access = "." dummy_static = str() + count_version = False + count_version_buffer = str() if "isaggregate" in elem.attrib: #pointer = "*" pointer = "" access = "->" dummy_static = "" if "isaggregate" in elem.attrib: + # setting count_version here + if "countversion" in elem.attrib: count_version = True + else: count_version = False dummy_string += ", " + elem.attrib["name"] + "*" + " dummy_" + elem.attrib["name"] read_source.write(static + inline + text.c_read_elem_sig.replace("YYY", elem.attrib["name"]).replace("XXX", elem.attrib["name"]+pointer)) read_source.write("*dummy = "+alloc+"(sizeof(" + elem.attrib["name"] + "));\n") + read_source.write("uint64_t b_count;\n") + if count_version: + count_version_buffer = static + inline + text.c_read_elem_sig_c.replace("YYY", elem.attrib["name"]).replace("XXX", elem.attrib["name"]+pointer) + count_version_buffer += "*dummy = "+alloc+"(sizeof(" + elem.attrib["name"] + "));\n" + count_version_buffer += "uint64_t b_count;\n" + for sub in elem: + if "sizeconst" in sub.attrib: + read_source.write("uint64_t agg_b_count;\n") + break read_source.write(text.c_void_manager_proto.replace("XXX", "(*dummy)")); + if count_version: count_version_buffer += text.c_void_manager_proto.replace("XXX", "(*dummy)") self.malloc_list.append(C_Obj(elem.attrib["name"], [elem.tag])) count = get_elem_count(elem) if count == 1: 
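Review bot: The generated C declares `uint64_t agg_b_count;` with no initial value, yet later hunks emit `agg_b_count += b_count;` and use `... - agg_b_count` as a loop bound, so that bound is computed from an indeterminate value. Emit it initialised: `read_source.write("uint64_t agg_b_count = 0;\n")`. The only reset visible in this commit is the `agg_b_count=0;` written just before `return *dummy;` in the @@ -450 hunk, which comes after the reads that accumulate into it. The enclosing CodeGen method starts and ends outside this hunk.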
@@ -331,8 +346,12 @@ class CodeGen(object): if child_count == 1: for_read = text.c_read_elem_sig_2.replace("XXX", ref_node_name).replace("YYY", "&(*dummy)->" + cond.attrib["name"]).replace("ZZZ", "void_train") + ";\n" read_source.write(for_read) + if count_version: + count_version_buffer += for_read elif child_count > 1: for_read = text.c_read_elem_sig_2.replace("XXX", ref_node_name).replace("YYY", "&(*dummy)->" + cond.attrib["name"] + "[i]").replace("ZZZ", "void_train") + ";\n" + if count_version: + count_version_buffer += for_read read_source.write(for_read) else: # child_count == -1 count_name_str = cond.attrib["count"][6:] @@ -343,6 +362,8 @@ class CodeGen(object): for_read = text.c_read_elem_sig_2.replace("XXX", ref_node_name).replace("YYY", "&(*dummy)->" + cond.attrib["name"] + "[i]").replace("ZZZ", "void_train") + ";\n" read_source.write(text.simple_loop.replace("YYY", for_read).replace("XXX", "(*dummy)->" + get_node_name(count_name_str, child))) read_source.write("}\n") + if count_version: + count_version_buffer += for_read + "}\n" else: read_source.write("if ((*dummy)->" + cond_name + "==" + str(cond.text) + "){\n") read_source.write("(*dummy)->" + cond.attrib["name"] + "="+alloc+"(sizeof(" + ref_node_name + "));") 
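Review bot: In the @@ -343 hunk the count-variant buffer receives the bare `for_read + "}\n"`, while `read_source` receives the `text.simple_loop` expansion of the same `for_read`. The `_c` function would therefore read element `[i]` once, with no loop declaring `i`. Append the same text to both: `count_version_buffer += text.simple_loop.replace("YYY", for_read).replace("XXX", "(*dummy)->" + get_node_name(count_name_str, child)) + "}\n"`. The `if (...) {` that this `}` closes is written outside the hunk, so confirm that its opening brace also reaches `count_version_buffer`.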
@@ -385,18 +406,39 @@ class CodeGen(object): if ref_node: ref_node_name = pointer_remover(ref_node.attrib["name"]) if child_count == 1: - for_read = text.c_read_elem_sig_2.replace("XXX", ref_node_name).replace("YYY", "&(*dummy)->" + child.attrib["name"]).replace("ZZZ", "void_train") + ";\n" + if "sizeconst" in child.attrib: + if "sizeconst" != "end": + for_read = text.c_read_elem_sig_2_c.replace("XXX", ref_node_name).replace("YYY", "&(*dummy)->" + child.attrib["name"]).replace("ZZZ", "void_train") + ";\n" + else: + for_read = text.c_read_elem_sig_2.replace("XXX", ref_node_name).replace("YYY", "&(*dummy)->" + child.attrib["name"]).replace("ZZZ", "void_train") + ";\n" read_source.write("(*dummy)->" + child.attrib["name"] + "=" + for_read) + if count_version: + count_version_buffer += "(*dummy)->" + child.attrib["name"] + "=" + for_read elif child_count > 1: - for_read = text.c_read_elem_sig_2.replace("XXX", ref_node_name).replace("YYY", "&(*dummy)->" + child.attrib["name"] + "[i]").replace("ZZZ", "void_train") + ";\n" + if "sizeconst" in child.attrib: + if "sizeconst" != "end": + for_read = text.c_read_elem_sig_2_c.replace("XXX", ref_node_name).replace("YYY", "&(*dummy)->" + child.attrib["name"] + "[i]").replace("ZZZ", "void_train") + ";\n" + else: + for_read = text.c_read_elem_sig_2.replace("XXX", ref_node_name).replace("YYY", "&(*dummy)->" + child.attrib["name"] + "[i]").replace("ZZZ", "void_train") + ";\n" read_source.write("(*dummy)->" + child.attrib["name"] + "=" + for_read) + if count_version: + count_version_buffer += "(*dummy)->" + child.attrib["name"] + "=" + for_read else: # child_count == -1 count_name_str = child.attrib["count"][6:] read_source.write("if (" + "(*dummy)->" + get_node_name(count_name_str, elem) + ")\n") read_source.write("(*dummy)->" + child.attrib["name"] + " = " +alloc+"(sizeof(void*)*" + "(*dummy)->" + get_node_name(count_name_str, elem) + ");\n") read_source.write(text.c_void_manager_proto.replace("XXX", "(*dummy)->" + 
child.attrib["name"])); - for_read = text.c_read_elem_sig_2.replace("XXX", ref_node_name).replace("YYY", "&(*dummy)->" + child.attrib["name"] + "[i]").replace("ZZZ", "void_train") + ";\n" + if "sizeconst" in child.attrib: + if "sizeconst" != "end": + for_read = text.c_read_elem_sig_2_c.replace("XXX", ref_node_name).replace("YYY", "&(*dummy)->" + child.attrib["name"] + "[i]").replace("ZZZ", "void_train") + ";\n" + else: + for_read = text.c_read_elem_sig_2.replace("XXX", ref_node_name).replace("YYY", "&(*dummy)->" + child.attrib["name"] + "[i]").replace("ZZZ", "void_train") + ";\n" read_source.write(text.simple_loop.replace("YYY", "(*dummy)->" + child.attrib["name"] + "[i]=" + for_read).replace("XXX", "(*dummy)->" + get_node_name(count_name_str, elem))) + if count_version: + count_version_buffer += text.simple_loop.replace("YYY", "(*dummy)->" + child.attrib["name"] + "[i]=" + for_read).replace("XXX", "(*dummy)->" + get_node_name(count_name_str, elem)) + if "sizeconst" in child.attrib: + #read_source.write("XXXXX;\n") + pass else: for_read = str() if child_count == 1: array_subscript = "" @@ -405,6 +447,9 @@ class CodeGen(object): if "size" in child.attrib: if "encoding" in child.attrib: for_read = "(*dummy)->" + child.attrib["name"] + array_subscript + "=" + get_encoding_read(child.attrib["encoding"]) + if "sizeconst" in child.attrib: + if child.attrib["sizeconst"] != "end": + for_read += "agg_b_count += b_count;" else: if child.attrib["type"] == "string": if "delimiter" in child.attrib: 
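Review bot: `if "sizeconst" != "end":` compares two string literals and is always true, so the `end` value is never distinguished. It appears three times in the @@ -385 hunk, in the `child_count == 1`, `> 1` and `-1` branches. The later hunks use the intended test, `if child.attrib["sizeconst"] != "end":`. Depending on which `if` the `else:` belongs to (the indentation is not recoverable on this page), `for_read` may also be left unassigned when the attribute is present with value `end`. Assigning the `text.c_read_elem_sig_2` form first and overriding it only for the size-bound case avoids that.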
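Review bot: `for_read += "agg_b_count += b_count;"` in the @@ -405 hunk is correct only in the plain reader, where `agg_b_count` is a local `uint64_t`. As far as the visible hunks show, the same `for_read` is later appended to `count_version_buffer`, whose function takes `uint64_t* agg_b_count` (see `c_read_elem_sig_c` in text.py). There the statement advances the pointer, and the following `(*agg_b_count) += b_count;` writes through the moved pointer. The @@ -424 hunk has the same line, and `c_read_elem_sig_2_c` passes `&agg_b_count`, which inside a `_c` body is a `uint64_t**`. Build the statement per target: `agg_b_count += b_count;` for `read_source`, and `(*agg_b_count) += b_count;` with a plain `agg_b_count` argument for the count variant.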
@@ -424,6 +469,9 @@ class CodeGen(object): else: if "encoding" in child.attrib: for_read = "(*dummy)->" + child.attrib["name"] + array_subscript + " = " + get_encoding_read(child.attrib["encoding"]) + if "sizeconst" in child.attrib: + if child.attrib["sizeconst"] != "end": + for_read += "agg_b_count += b_count;" else: if child.attrib["type"] == "string": for_read = text.c_read_gen_no.replace("XXX", "(*dummy)" + "->" + child.attrib["name"] + array_subscript).replace("YYY", ref_node_name) 
@@ -431,14 +479,27 @@ class CodeGen(object): for_read = text.c_read_gen.replace("XXX", "(*dummy)" + "->" + child.attrib["name"] + array_subscript).replace("YYY", ref_node_name) if child_count == 1: read_source.write(for_read) + if count_version: + count_version_buffer += for_read + count_version_buffer += "(*agg_b_count) += b_count;" elif child_count > 1: read_source.write(text.simple_loop.replace("YYY", for_read).replace("XXX", str(child_count))) + if count_version: + count_version_buffer += text.simple_loop.replace("YYY", for_read).replace("XXX", str(child_count)) else: # child_count = -1 count_name_str = child.attrib["count"][6:] read_source.write("(*dummy)->" + child.attrib["name"] + " = " +alloc+"(sizeof(" + type_resolver(child, self.def_elems + self.read_elems) + ")*" + "(*dummy)->" + get_node_name(count_name_str, elem) + ");\n") read_source.write(text.c_void_manager_proto.replace("XXX", "(*dummy)->" + child.attrib["name"])); read_source.write("if (" + "(*dummy)->" + get_node_name(count_name_str, elem) + ")\n") - read_source.write(text.simple_loop.replace("YYY", for_read).replace("XXX", "(*dummy)->" + get_node_name(count_name_str, elem))) + if count_version: + count_version_buffer += "(*dummy)->" + child.attrib["name"] + " = " +alloc+"(sizeof(" + type_resolver(child, self.def_elems + self.read_elems) + ")*" + "(*dummy)->" + get_node_name(count_name_str, elem) + ");\n" + count_version_buffer += text.c_void_manager_proto.replace("XXX", "(*dummy)->" + child.attrib["name"]) + count_version_buffer += "if (" + "(*dummy)->" + get_node_name(count_name_str, elem) + ")\n" + if "sizeconst" in child.attrib: + if child.attrib["sizeconst"] == "end": + read_source.write(text.simple_loop.replace("YYY", for_read).replace("XXX", "(*dummy)->" + get_node_name(count_name_str, elem) + "- agg_b_count")) + else: + read_source.write(text.simple_loop.replace("YYY", for_read).replace("XXX", "(*dummy)->" + get_node_name(count_name_str, elem))) else: pass # if not aggregate 
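Review bot: The `sizeconst == "end"` loop bound is emitted as `<count field> - agg_b_count`, an unsigned subtraction against a length field that comes from the input file. If the bytes already consumed exceed that field, the bound wraps to a very large value and the loop writes past the buffer allocated just above with the unsubtracted count. Emit a guard before the loop, e.g. `if (agg_b_count > (*dummy)->LEN) return NULL;` (LEN standing for the `get_node_name(...)` field), or clamp the bound to zero. Separately, the `count_version` branch appends the allocation and the `if (...)\n` guard but no loop, so in the `_c` function that `if` would govern whatever statement is emitted next.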
@@ -450,14 +511,23 @@ class CodeGen(object): read_source.write("*dummy = "+alloc+"(sizeof(" + elem.attrib["name"] + "));\n") read_source.write(text.c_void_manager_proto.replace("XXX", "*dummy")); read_source.write(text.c_read_gen.replace("XXX", "(*dummy)->" + elem.attrib["name"]).replace("YYY", type_resolver(elem, self.def_elems))) + if "sizeconst" in child.attrib: + read_source.write("agg_b_count=0;\n") + if count_version: + count_version_buffer += "return *dummy;\n" + count_version_buffer += text.c_function_close + "\n" read_source.write("return *dummy;\n") read_source.write(text.c_function_close + "\n") + if count_version: + read_source.write(count_version_buffer) read_source_header = open(self.argparser.args.outdir + "/read.h", "w") read_source_header.write("#ifndef FT_READ_H\n#define FT_READ_H\n") read_source_header.write('#ifdef __cplusplus\nextern "C" {\n#endif\n') read_source_header.write('#include "./structs.h"\n') for elem in self.def_elems + self.read_elems: read_source_header.write(static + inline + text.c_read_elem_sig_h.replace("YYY", elem.attrib["name"]).replace("XXX", elem.attrib["name"])) + if "countversion" in elem.attrib: + read_source_header.write(static + inline + text.c_read_elem_sig_h_c.replace("YYY", elem.attrib["name"]).replace("XXX", elem.attrib["name"])) read_source_header.write('#ifdef __cplusplus\n}\n#endif\n') read_source_header.write("#endif //end of header guard\n\n") diff --git a/resources/wasm.xml b/resources/wasm.xml index dfae936..8b31481 100644 --- a/resources/wasm.xml +++ b/resources/wasm.xml @@ -105,10 +105,10 @@ - + - + @@ -156,13 +156,13 @@ - + - + - + diff --git a/resources/wasm2.xml b/resources/wasm2.xml new file mode 100644 index 0000000..2d6e5fd --- /dev/null +++ b/resources/wasm2.xml @@ -0,0 +1,151 @@ + + + + + + + 1 + + + + + + 2 + + + + + + 3 + + + + + + 4 + + + + + + 5 + + + + + 6 + + + + + + 7 + + + + + + 8 + + + + + 9 + + + + + + 10 + + + + + + 11 + + + + + + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + +
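Review bot: `if "sizeconst" in child.attrib:` reads `child` at a point where no loop over `child` is visible in the @@ -450 hunk. It appears to be the leftover variable from an earlier `for child in elem` loop, so it would refer to whichever child was visited last (possibly from a previous element) and raise NameError if no child was ever visited. If the intent is "this element has a size-bound child", compute that flag once, as the @@ -291 hunk does with `for sub in elem`, and test the flag here. The surrounding method body lies outside the hunk, so the exact scope should be confirmed.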
+ + + + + + + + + + + + + 0 + 1 + 2 + 3 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/run.sh b/run.sh index 7469e86..b05df75 100755 --- a/run.sh +++ b/run.sh @@ -1,5 +1,5 @@ #!/bin/sh cd $(dirname $0) -"./faultreiber.py" --targetname autowasm --outdir ./test/ --structs ./test/struct.json --xml ./resources/wasm.xml --name wasm --calloc -#"./faultreiber.py" --targetname autowasm --outdir ./test/ --structs ./test/struct.json --xml ./resources/wasm.xml --name wasm +#"./faultreiber.py" --targetname autowasm --outdir ./test/ --structs ./test/struct.json --xml ./resources/wasm.xml --name wasm --calloc +"./faultreiber.py" --targetname autowasm --outdir ./test/ --structs ./test/struct.json --xml ./resources/wasm2.xml --name wasm --calloc "clang-format" -i ./test/read.c ./test/structs.c ./test/structs.h ./test/aggregate.c ./test/aggregate.h ./test/read.h diff --git a/test/autowasm.c b/test/autowasm.c index 98dddf0..67ecfd1 100644 --- a/test/autowasm.c +++ b/test/autowasm.c @@ -30,7 +30,7 @@ int main (int argc, char** argv) { } } } - int wasm = open("./test.wasm", O_RDONLY); + int wasm = open("./read.wasm", O_RDONLY); wasm_lib_ret_t* lib_ret = read_aggr_wasm(wasm); printf("finished reading\n"); @@ -60,6 +60,9 @@ int main (int argc, char** argv) { printf("kind:%d\n", lib_ret->obj->W_Import_Section_container->entries[i]->kind); if (lib_ret->obj->W_Import_Section_container->entries[i]->kind == 0) printf("type:%d\n", lib_ret->obj->W_Import_Section_container->entries[i]->kind); + else if (lib_ret->obj->W_Import_Section_container->entries[i]->kind == 2) { + //printf("type:%d\n", lib_ret->obj->W_Import_Section_container->entries[i]->type->resizable_limit->flags); + } printf("\n"); } printf("function_section_id:%d\n", lib_ret->obj->W_Function_Section_container->id); 
@@ -68,6 +71,7 @@ int main (int argc, char** argv) { for (int i = 0; i < lib_ret->obj->W_Function_Section_container->count; ++i) printf("type:%d\n", lib_ret->obj->W_Function_Section_container->types[i]); + if (lib_ret->obj->W_Table_Section_container != NULL) { printf("table_section_id:%d\n", lib_ret->obj->W_Table_Section_container->id); printf("table_section_payloadlength:%d\n", lib_ret->obj->W_Table_Section_container->payloadlength); printf("table_section_count:%d\n", lib_ret->obj->W_Table_Section_container->count); @@ -77,15 +81,19 @@ int main (int argc, char** argv) { printf("rl_initial:%d\n", lib_ret->obj->W_Table_Section_container->entries[i]->resizable_limit->initial); printf("rl_maximum:%d\n", lib_ret->obj->W_Table_Section_container->entries[i]->resizable_limit->maximum); } + } + if (lib_ret->obj->W_Memory_Section_container != NULL) { printf("memory_section_id:%d\n", lib_ret->obj->W_Memory_Section_container->id); printf("memory_section_payload_length:%d\n", lib_ret->obj->W_Memory_Section_container->payloadlength); printf("rl_flags:%d\n", lib_ret->obj->W_Memory_Section_container->entries->resizable_limit->flags); printf("rl_initial:%d\n", lib_ret->obj->W_Memory_Section_container->entries->resizable_limit->initial); printf("rl_maximum:%d\n", lib_ret->obj->W_Memory_Section_container->entries->resizable_limit->maximum); + } if (lib_ret->obj->W_Global_Section_container == NULL) printf("global section doesnt exist.\n"); + if (lib_ret->obj->W_Export_Section_container != NULL) { printf("export_section_id:%d\n", lib_ret->obj->W_Export_Section_container->id); printf("export_section_payloadlength:%d\n", lib_ret->obj->W_Export_Section_container->payloadlength); printf("entry count:%d\n", lib_ret->obj->W_Export_Section_container->count); 
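Review bot: The new `!= NULL` guards cover the table, memory, export, element, code and data containers, but the context lines just above the first guard still dereference `W_Function_Section_container->count` and `->types[i]` unguarded. Inside the memory guard, `entries->resizable_limit` is also dereferenced without a check. If a section can be absent from the input, as these guards assume, wrap the function section the same way with `if (lib_ret->obj->W_Function_Section_container != NULL) {`, and likewise the import section printed in the @@ -60 hunk if it is not guarded outside the view. main() starts and ends outside these hunks.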
@@ -96,9 +104,11 @@ int main (int argc, char** argv) { printf("kind:%d\n", lib_ret->obj->W_Export_Section_container->entries[i]->kind); printf("index:%d\n", lib_ret->obj->W_Export_Section_container->entries[i]->index); } + } if (lib_ret->obj->W_Start_Section_container == NULL) printf("start section doesnt exist.\n"); + if (lib_ret->obj->W_Element_Section_container != NULL) { printf("element_seciton_id:%d\n", lib_ret->obj->W_Element_Section_container->id); printf("element_section_payloadlength:%d\n", lib_ret->obj->W_Element_Section_container->payloadlength); printf("entry count:%d\n", lib_ret->obj->W_Element_Section_container->count); @@ -113,7 +123,9 @@ int main (int argc, char** argv) { printf("elems:%d\n", lib_ret->obj->W_Element_Section_container->entries[i]->elems[j]); } } + } + if (lib_ret->obj->W_Code_Section_container != NULL) { printf("code_section_id:%d\n", lib_ret->obj->W_Code_Section_container->id); printf("code_section_payloadlength:%d\n", lib_ret->obj->W_Code_Section_container->payloadlength); printf("count:%d\n", lib_ret->obj->W_Code_Section_container->count); @@ -133,7 +145,9 @@ int main (int argc, char** argv) { } printf("\n"); } + } + if (lib_ret->obj->W_Data_Section_container != NULL) { printf("data_section_id:%d\n", lib_ret->obj->W_Data_Section_container->id); printf("data_section_payloadlength:%d\n", lib_ret->obj->W_Data_Section_container->payloadlength); printf("data seg count:%d\n", lib_ret->obj->W_Data_Section_container->count); @@ -157,6 +171,7 @@ int main (int argc, char** argv) { } printf("\n"); } + } #endif printf("sizeof magic:%d\n", sizeof(magic_number)); diff --git a/text.py b/text.py index 5820473..109e8fd 100644 --- a/text.py +++ b/text.py 
@@ -11,14 +11,13 @@ class text():
 autogen_warning = "// automatically generated by faultreiber\n"
 last_comment = "// last line intentionally left blank\n\n"
 read_func_sig = "int read_structured_file(char* path)"
- #c_read_elem_sig = "XXX ft_read_YYY(int _fd) {\n"
- #c_read_elem_sig = "void ft_read_YYY(int _fd, XXX* dummyZZZ) {\n"
- #c_read_elem_sig = "void ft_read_YYY(int _fd, XXX* dummy) {\n"
- #c_read_elem_sig_h = "void ft_read_YYY(int _fd, XXX* dummy);\n"
 c_read_elem_sig = "void* ft_read_YYY(int _fd, XXX** dummy, void*** void_train, uint64_t* current_void_size, uint64_t* current_void_count) {\n"
 c_read_elem_sig_h = "void* ft_read_YYY(int _fd, XXX** dummy, void*** void_train, uint64_t* current_void_size, uint64_t* current_void_count);\n"
- c_read_elem_sig_1 = "ft_read_XXX(_fd)"
+ c_read_elem_sig_c = "void* ft_read_YYY_c(int _fd, XXX** dummy, void*** void_train, uint64_t* current_void_size, uint64_t* current_void_count, uint64_t* agg_b_count) {\n"
+ c_read_elem_sig_h_c = "void* ft_read_YYY_c(int _fd, XXX** dummy, void*** void_train, uint64_t* current_void_size, uint64_t* current_void_count, uint64_t* agg_b_count);\n"
+ #c_read_elem_sig_1 = "ft_read_XXX(_fd)"
 c_read_elem_sig_2 = "ft_read_XXX(_fd, YYY, ZZZ, current_void_size, current_void_count)"
+ c_read_elem_sig_2_c = "ft_read_XXX_c(_fd, YYY, ZZZ, current_void_size, current_void_count, &agg_b_count)"
 c_open_file = "int ft_read_file = open(_ft_file_path, RDONLY);\n"
 c_function_close = "}\n"
 c_function_dummy_dec = "XXX dummy;\n"
@@ -38,21 +37,22 @@ class text(): c_assign_struct = "XXX.YYY = ZZZ;\n" simple_loop = "for (int i = 0; i < XXX; ++i) {\nYYY}\n" c_read_leb_u_def = """ -uint64_t read_leb_128_u(int _fd, int max_size) { +uint64_t read_leb_128_u(int _fd, int max_size, uint64_t* b_count) { uint8_t read_bytes = 0U; uint8_t byte = 0; uint64_t result = 0U; uint32_t shift = 0U; do { - read(_fd, &byte, 1);read_bytes++;read_bytes++; + read(_fd, &byte, 1);read_bytes++; result |= (byte & 0x7f) << shift; shift += 7; } while(((byte & 0x80) != 0) && (read_bytes < max_size)); + *b_count = read_bytes; return result; }""" c_read_leb_s_def = """ -int64_t read_leb_128_s(int _fd, int max_size) { +int64_t read_leb_128_s(int _fd, int max_size, uint64_t* b_count) { uint8_t byte; uint8_t read_bytes = 0U; uint8_t last_byte; @@ -66,6 +66,7 @@ int64_t read_leb_128_s(int _fd, int max_size) { shift += 7; } while(((byte & 0x80) != 0) && read_bytes < max_size); if ((last_byte & 0x40) != 0) result |= -(1 << shift); + *b_count = read_bytes; return result; }""" @@ -99,8 +100,8 @@ void void_manager(void* ptr, void*** void_train, uint64_t* current_void_size, ui (*current_void_count)++; }""" - c_read_leb_128_s_sig = "int64_t read_leb_128_s(int _fd, int max_size);\n" - c_read_leb_128_u_sig = "uint64_t read_leb_128_u(int _fd, int max_size);\n" + c_read_leb_128_s_sig = "int64_t read_leb_128_s(int _fd, int max_size, uint64_t* b_count);\n" + c_read_leb_128_u_sig = "uint64_t read_leb_128_u(int _fd, int max_size, uint64_t* b_count);\n" c_read_until_delimiter_sig = "int32_t read_until_delimiter(int _fd, uint8_t delimiter);\n" c_read_until_delimiter_proto = "read_until_delimiter(_fd, XXX)" c_void_manager_sig = "void void_manager(void* ptr, void*** void_train, uint64_t* current_void_size, uint64_t* current_void_count);\n" 
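Review bot: `read(_fd, &byte, 1);read_bytes++;` still ignores the return value of read(), and `*b_count = read_bytes;` now exports that count to the size-bound logic. At end of file or on error the loop keeps a stale `byte` and reports bytes that were never consumed. Stop on a short read before incrementing: `if (read(_fd, &byte, 1) != 1) break;`. The same applies to `read_leb_128_s` in the @@ -66 hunk, whose read call lies outside the visible lines. Separately, `(byte & 0x7f) << shift` is evaluated in `int`, so with `max_size` 5 the last group shifts into the sign bit; casting the operand to `(uint64_t)` first avoids that.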
@@ -120,8 +121,8 @@ void void_manager(void* ptr, void*** void_train, uint64_t* current_void_size, ui c_read_leb_macro_varin1 = "READ_VAR_INT_1(XXX)" c_read_leb_macro_varin7 = "READ_VAR_INT_7(XXX)" c_read_leb_macro_varin32 = "READ_VAR_INT_32(XXX)" - c_read_leb_128_u = "read_leb_128_u(_fd, 5);\n" - c_read_leb_128_s = "read_leb_128_s(_fd, 5);\n" + c_read_leb_128_u = "read_leb_128_u(_fd, 5, &b_count);\n" + c_read_leb_128_s = "read_leb_128_s(_fd, 5, &b_count);\n" c_define_str_buff_size = "#define STR_BUFF_SIZE XXX" c_define_str_buff_grow_fact = "#define STR_BUFFER_GROW_FACTOR XXX" -- cgit v1.2.3