feat(deserializer): protect against corrupted binary files
Signed-off-by: Leonardo de Moura <leonardo@microsoft.com>
This commit is contained in:
Leonardo de Moura
parent
c473a484bb
commit
1f6e959139
7 changed files with 12 additions and 6 deletions
|
|
@ -459,7 +459,7 @@ public:
|
||||||
name n = read_name(d);
|
name n = read_name(d);
|
||||||
return mk_metavar(n, read_local_context(d));
|
return mk_metavar(n, read_local_context(d));
|
||||||
}}
|
}}
|
||||||
lean_unreachable(); // LCOV_EXCL_LINE
|
throw_corrupted_file();
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -308,7 +308,7 @@ public:
|
||||||
}
|
}
|
||||||
return max_core(lvls.size(), lvls.data());
|
return max_core(lvls.size(), lvls.data());
|
||||||
}}
|
}}
|
||||||
lean_unreachable();
|
throw_corrupted_file();
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -404,7 +404,7 @@ public:
|
||||||
name prefix = read();
|
name prefix = read();
|
||||||
return name(prefix, d.read_unsigned());
|
return name(prefix, d.read_unsigned());
|
||||||
}}
|
}}
|
||||||
lean_unreachable(); // LCOV_EXCL_LINE
|
throw_corrupted_file();
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -7,7 +7,6 @@ Author: Leonardo de Moura
|
||||||
#pragma once
|
#pragma once
|
||||||
#include <unordered_map>
|
#include <unordered_map>
|
||||||
#include <vector>
|
#include <vector>
|
||||||
#include "util/exception.h"
|
|
||||||
#include "util/serializer.h"
|
#include "util/serializer.h"
|
||||||
|
|
||||||
#ifndef LEAN_OBJECT_SERIALIZER_BUCKET_SIZE
|
#ifndef LEAN_OBJECT_SERIALIZER_BUCKET_SIZE
|
||||||
|
|
@ -62,7 +61,7 @@ public:
|
||||||
} else {
|
} else {
|
||||||
unsigned i = d.read_unsigned();
|
unsigned i = d.read_unsigned();
|
||||||
if (i >= m_table.size())
|
if (i >= m_table.size())
|
||||||
throw exception("corrupted binary file");
|
throw_corrupted_file();
|
||||||
return m_table[i];
|
return m_table[i];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -9,6 +9,7 @@ Author: Leonardo de Moura
|
||||||
#include <stdio.h>
|
#include <stdio.h>
|
||||||
#include <ios>
|
#include <ios>
|
||||||
#include "util/serializer.h"
|
#include "util/serializer.h"
|
||||||
|
#include "util/exception.h"
|
||||||
|
|
||||||
namespace lean {
|
namespace lean {
|
||||||
void serializer_core::write_unsigned(unsigned i) {
|
void serializer_core::write_unsigned(unsigned i) {
|
||||||
|
|
@ -69,4 +70,8 @@ double deserializer_core::read_double() {
|
||||||
in >> r;
|
in >> r;
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void throw_corrupted_file() {
|
||||||
|
throw exception("corrupted binary file");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -63,4 +63,6 @@ inline deserializer & operator>>(deserializer & d, int & i) { i = d.read_int();
|
||||||
inline deserializer & operator>>(deserializer & d, char & c) { c = d.read_char(); return d; }
|
inline deserializer & operator>>(deserializer & d, char & c) { c = d.read_char(); return d; }
|
||||||
inline deserializer & operator>>(deserializer & d, bool & b) { b = d.read_bool(); return d; }
|
inline deserializer & operator>>(deserializer & d, bool & b) { b = d.read_bool(); return d; }
|
||||||
inline deserializer & operator>>(deserializer & d, double & b) { b = d.read_double(); return d; }
|
inline deserializer & operator>>(deserializer & d, double & b) { b = d.read_double(); return d; }
|
||||||
|
|
||||||
|
[[ noreturn ]] void throw_corrupted_file();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -336,7 +336,7 @@ public:
|
||||||
sexpr t = read();
|
sexpr t = read();
|
||||||
return sexpr(h, t);
|
return sexpr(h, t);
|
||||||
}}
|
}}
|
||||||
lean_unreachable();
|
throw_corrupted_file();
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue