Tarantool development patches archive
From: Sergey Kaplun via Tarantool-patches <tarantool-patches@dev.tarantool.org>
To: Maxim Kokryashkin <m.kokryashkin@tarantool.org>
Cc: tarantool-patches@dev.tarantool.org
Subject: Re: [Tarantool-patches] [PATCH luajit 16/19] Prevent integer overflow while parsing long strings.
Date: Wed, 16 Aug 2023 17:52:46 +0300
Message-ID: <ZNzivqy5ZkyWcOF-@root>
In-Reply-To: <jbatprl666dtq5zu3i2zaydp4zlfizn23ayzlihec5e4dp4gjf@7goxshbuumhs>

Hi, Maxim!
Thanks for the review!
See my answers below.

On 15.08.23, Maxim Kokryashkin wrote:
> Hi, Sergey!
> Thanks for the patch!
> LGTM, except for a few comments below.
> 
> On Wed, Aug 09, 2023 at 06:36:05PM +0300, Sergey Kaplun via Tarantool-patches wrote:
> > From: Mike Pall <mike>
> > 
> > (cherry-picked from commit 16e5605eec2e3882d709c6b123a644f6a8023945)
> > 
> > This commit fixes possible integer overflow of the separator's length
> Typo: s/possible/a possible/

Fixed.

> > counter during parsing long strings. It may lead to the fact, that
> > parser considers a string with unbalanced long brackets to be correct.
> Typo: s/parser/the parser/

Fixed.

> > Since this is pointless to parse too long string separators in the hope,
> Typo: s/this is/it is/

Fixed.

> > that the string is correct, just use hardcoded limit (2 ^ 25 is enough).
> Typo: s/use hardcoded/use the hardcoded/

Fixed.

> > 
> > Be aware that this limit is different for Lua 5.1.
> > 
> > We can't check the string overflow itself without a really large file,
> > because the ERR_MEM error will be raised, due to the string buffer
> > reallocations during parsing. Keep such huge file in the repo is
> Typo: s/Keep such/Keeping such a/

Fixed.

> > pointless, so just check that we don't parse long string after
> Typo: s/long string/long strings/

Fixed.

> > aforementioned separator length.
> Typo: s/aforementioned/the aforementioned/

Fixed.

> > 
> > Sergey Kaplun:
> > * added the description and the test for the problem
> > 
> > Part of tarantool/tarantool#8825
> > ---
> >  src/lj_lex.c                                  |  2 +-
> >  .../lj-812-too-long-string-separator.test.lua | 31 +++++++++++++++++++
> >  2 files changed, 32 insertions(+), 1 deletion(-)
> >  create mode 100644 test/tarantool-tests/lj-812-too-long-string-separator.test.lua
> > 
> > diff --git a/src/lj_lex.c b/src/lj_lex.c
> > index 52856912..c66660d7 100644
> > --- a/src/lj_lex.c
> > +++ b/src/lj_lex.c

<snipped>

> > diff --git a/test/tarantool-tests/lj-812-too-long-string-separator.test.lua b/test/tarantool-tests/lj-812-too-long-string-separator.test.lua
> > new file mode 100644
> > index 00000000..fda69d17
> > --- /dev/null
> > +++ b/test/tarantool-tests/lj-812-too-long-string-separator.test.lua
> > @@ -0,0 +1,31 @@
> > +local tap = require('tap')
> > +
> > +-- Test to check that we avoid parsing of too long separator
> Typo: s/parsing of/parsing/
> Typo: s/separator/separators/

Fixed.

> > +-- for long strings.
> > +-- See also the discussion in the
> > +-- https://github.com/LuaJIT/LuaJIT/issues/812.
> > +
> > +local test = tap.test('lj-812-too-long-string-separator'):skipcond({
> > +  ['Test requires GC64 mode enabled'] = not require('ffi').abi('gc64'),
> Please write a more detailed description of how it can be tested for non-GC64 build
> and why it is disabled now, as we have discussed offline.

Added, see the diff below.

> 
> > +})
> > +test:plan(2)
> > +
> > +-- We can't check the string overflow itself without a really
> > +-- large file, because the ERR_MEM error will be raised, due to
> > +-- the string buffer reallocations during parsing.
> > +-- Keep such huge file in the repo is pointless, so just check
> > +-- that we don't parse long string after some separator length.
> > +-- Be aware that this limit is different for Lua 5.1.
> Please fix the same typos as in the commit message here.

Fixed.

> > +
> > +-- Use the hardcoded limit. The same as in the <src/lj_lex.c>.
> > +local separator = string.rep('=', 0x20000000 + 1)
> > +local test_str = ('return [%s[]%s]'):format(separator, separator)
> > +
> > +local f, err = loadstring(test_str, 'empty_str_f')
> > +test:ok(not f, 'correct status when parsing string with too long separator')
> > +
> > +-- Check error message.
> > +test:ok(tostring(err):match('invalid long string delimiter'),
> > +        'correct error when parsing string with too long separator')

Also, I changed this part to `test:like()`, since it is more readable
and has the same behaviour.

See the iterative patch below:

===================================================================
diff --git a/test/tarantool-tests/lj-812-too-long-string-separator.test.lua b/test/tarantool-tests/lj-812-too-long-string-separator.test.lua
index fda69d17..380e26f0 100644
--- a/test/tarantool-tests/lj-812-too-long-string-separator.test.lua
+++ b/test/tarantool-tests/lj-812-too-long-string-separator.test.lua
@@ -1,11 +1,17 @@
 local tap = require('tap')
 
--- Test to check that we avoid parsing of too long separator
--- for long strings.
+-- Test to check that we avoid parsing too long separators for
+-- long strings.
 -- See also the discussion in the
 -- https://github.com/LuaJIT/LuaJIT/issues/812.
 
 local test = tap.test('lj-812-too-long-string-separator'):skipcond({
+  -- In non-GC64 mode, we get the OOM error since we need memory
+  -- for the string to load and the same amount of memory for the
+  -- string buffer. So, the only option is to create a big file
+  -- in the repo and keep it, or generate it and remove each time.
+  -- These options are kinda pointless, so let's check the
+  -- behaviour only for GC64 mode.
   ['Test requires GC64 mode enabled'] = not require('ffi').abi('gc64'),
 })
 test:plan(2)
@@ -13,8 +19,9 @@ test:plan(2)
 -- We can't check the string overflow itself without a really
 -- large file, because the ERR_MEM error will be raised, due to
 -- the string buffer reallocations during parsing.
--- Keep such huge file in the repo is pointless, so just check
--- that we don't parse long string after some separator length.
+-- Keeping such a huge file in the repo is pointless, so just
+-- check that we don't parse long strings after some separator
+-- length.
 -- Be aware that this limit is different for Lua 5.1.
 
 -- Use the hardcoded limit. The same as in the <src/lj_lex.c>.
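Review bot: "after some separator length" in the reworded comment is vaguer than it needs to be, since the very next comment says the limit is hardcoded and taken from src/lj_lex.c; suggest "after the separator length exceeds the hardcoded limit" so the two comments refer to the same value.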
@@ -25,7 +32,7 @@ local f, err = loadstring(test_str, 'empty_str_f')
 test:ok(not f, 'correct status when parsing string with too long separator')
 
 -- Check error message.
-test:ok(tostring(err):match('invalid long string delimiter'),
-        'correct error when parsing string with too long separator')
+test:like(err, 'invalid long string delimiter',
+          'correct error when parsing string with too long separator')
 
 test:done(true)
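Review bot: with the `tostring()` wrapper dropped, `err` is now passed as-is to `test:like()`; if `loadstring` unexpectedly succeeds, the first assertion fails and `err` is nil, so please confirm the tap module's `like()` tolerates a nil subject, otherwise the second assertion would raise instead of failing cleanly.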
===================================================================

> > +
> > +test:done(true)
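Review bot: the test's limit in `local separator = string.rep('=', 0x20000000 + 1)` is 0x20000000, i.e. 2^29, and the preceding comment says it is "The same as in the <src/lj_lex.c>", while the commit message says "2 ^ 25 is enough"; please make the two agree, e.g. by stating the exact constant in the commit message, so a reader does not have to open lj_lex.c to know which limit is enforced.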
> > -- 
> > 2.41.0
> > 
> Best regards,
> Maxim Kokryashkin

-- 
Best regards,
Sergey Kaplun
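As an added illustration of the class of bug this patch closes (my own model, not LuaJIT's lj_lex.c): a scaled-down long-bracket scanner whose separator counter is only 8 bits wide, so an opening run of 258 '=' wraps to 2 and an unbalanced pair is accepted, beside the bounded variant that refuses runs past a limit before the counter can wrap. The names sep_t, SEP_LIMIT, count_sep, parse_long_string and accepts, and the limit value, are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Scaled-down model of the long-bracket scan (not LuaJIT's code): the '='
 * counter is deliberately 8 bits wide so the wrap-around a 32-bit counter
 * only reaches on a multi-gigabyte input shows up on a few hundred bytes.
 * SEP_LIMIT is an assumed limit sized for this counter, not the real one. */
typedef uint8_t sep_t;
#define SEP_LIMIT 100

/* Count the '=' run starting at s[*i] and require `bracket` right after it.
 * Returns the count, or -1 on a malformed or (when bounded) oversized run. */
static int count_sep(const char *s, size_t n, size_t *i, char bracket, int bounded)
{
  sep_t count = 0;
  while (*i < n && s[*i] == '=') {
    if (bounded && count >= SEP_LIMIT) return -1; /* the fix: refuse early */
    count++;                                      /* unbounded: wraps at 256 */
    (*i)++;
  }
  if (*i < n && s[*i] == bracket) { (*i)++; return count; }
  return -1;
}

/* 1 if s is a long string [=*[ ... ]=*] whose closing '=' count matches the
 * opening one as the (possibly wrapped) counter sees it, else 0. */
int parse_long_string(const char *s, int bounded)
{
  size_t n = strlen(s), i = 0;
  if (n == 0 || s[i++] != '[') return 0;
  int open = count_sep(s, n, &i, '[', bounded);
  if (open < 0) return 0;
  for (; i < n; i++) {
    if (s[i] != ']') continue;
    size_t j = i + 1;
    if (count_sep(s, n, &j, ']', bounded) == open) return 1;
  }
  return 0;
}

/* Constructed input "[" n_open*'=' "[x]" n_close*'=' "]"; returns the verdict. */
int accepts(size_t n_open, size_t n_close, int bounded)
{
  char buf[1024]; size_t i = 0;
  buf[i++] = '['; memset(buf + i, '=', n_open); i += n_open;
  buf[i++] = '['; buf[i++] = 'x'; buf[i++] = ']';
  memset(buf + i, '=', n_close); i += n_close;
  buf[i++] = ']'; buf[i] = '\0';
  return parse_long_string(buf, bounded);
}
```

With the unbounded counter, accepts(258, 2, 0) returns 1 although the brackets are unbalanced; the bounded scanner rejects the same input.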
