Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

C++: Add option to skip verifying nested flatbuffers #7489

Merged
merged 6 commits into from Aug 29, 2022
Merged

C++: Add option to skip verifying nested flatbuffers #7489

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
3509db1
C++: Add option to skip verifying nested flatbuffers
Aug 29, 2022
2def5f2
fixes
Aug 29, 2022
91305e7
fmt
Aug 29, 2022
e55f235
formatting, and remove an argument
Aug 29, 2022
ec9a089
fix
Aug 29, 2022
14076f2
Merge branch 'master' into verifier-options
dbaileychess Aug 29, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
53 changes: 40 additions & 13 deletions include/flatbuffers/verifier.h
View file
Open in desktop
Expand Up @@ -25,22 +25,48 @@ namespace flatbuffers {
// Helper class to verify the integrity of a FlatBuffer
class Verifier FLATBUFFERS_FINAL_CLASS {
public:
Verifier(const uint8_t *const buf, const size_t buf_len,
const uoffset_t _max_depth = 64,
const uoffset_t _max_tables = 1000000,
const bool _check_alignment = true)
struct Options {
// The maximum nesting of tables and vectors before we call it invalid.
uoffset_t max_depth = 64;
dbaileychess marked this conversation as resolved.
Show resolved Hide resolved
// The maximum number of tables we will verify before we call it invalid.
uoffset_t max_tables = 1000000;
// If true, verify all data is aligned.
bool check_alignment = true;
// If true, run verifier on nested flatbuffers
bool check_nested_flatbuffers = true;

// Manually implemented constructors for compilers that can't figure it out.
dbaileychess marked this conversation as resolved.
Show resolved Hide resolved
Options() = default;
Options(uoffset_t d, uoffset_t t, bool a, bool n)
: max_depth(d),
max_tables(t),
check_alignment(a),
check_nested_flatbuffers(n) {}
};


Verifier(const uint8_t *const buf, const size_t buf_len, const Options opts)
dbaileychess marked this conversation as resolved.
Show resolved Hide resolved
: buf_(buf),
size_(buf_len),
max_depth_(_max_depth),
max_tables_(_max_tables),
check_alignment_(_check_alignment),
opts_(opts),
upper_bound_(0),
depth_(0),
num_tables_(0),
flex_reuse_tracker_(nullptr) {
FLATBUFFERS_ASSERT(size_ < FLATBUFFERS_MAX_BUFFER_SIZE);
}

// Deprecated API, please construct with Verifier::Options.
Verifier(const uint8_t *const buf, const size_t buf_len,
const uoffset_t _max_depth = 64,
const uoffset_t _max_tables = 1000000,
const bool _check_alignment = true,
const bool _check_nested_flatbuffers = true)
dbaileychess marked this conversation as resolved.
Show resolved Hide resolved
: Verifier(buf, buf_len, {
dbaileychess marked this conversation as resolved.
Show resolved Hide resolved
_max_depth, _max_tables, _check_alignment,
_check_nested_flatbuffers
}) {}

// Central location where any verification failures register.
bool Check(const bool ok) const {
// clang-format off
Expand Down Expand Up @@ -68,7 +94,7 @@ class Verifier FLATBUFFERS_FINAL_CLASS {
}

bool VerifyAlignment(const size_t elem, const size_t align) const {
return Check((elem & (align - 1)) == 0 || !check_alignment_);
return Check((elem & (align - 1)) == 0 || !opts_.check_alignment);
}

// Verify a range indicated by sizeof(T).
Expand Down Expand Up @@ -204,11 +230,14 @@ class Verifier FLATBUFFERS_FINAL_CLASS {
template<typename T>
bool VerifyNestedFlatBuffer(const Vector<uint8_t> *const buf,
const char *const identifier) {
// Caller opted out of this.
if (!opts_.check_nested_flatbuffers) return true;

// An empty buffer is OK as it indicates not present.
if (!buf) return true;

// If there is a nested buffer, it must be greater than the min size.
if(!Check(buf->size() >= FLATBUFFERS_MIN_BUFFER_SIZE)) return false;
if (!Check(buf->size() >= FLATBUFFERS_MIN_BUFFER_SIZE)) return false;

Verifier nested_verifier(buf->data(), buf->size());
return nested_verifier.VerifyBuffer<T>(identifier);
Expand Down Expand Up @@ -253,7 +282,7 @@ class Verifier FLATBUFFERS_FINAL_CLASS {
bool VerifyComplexity() {
depth_++;
num_tables_++;
return Check(depth_ <= max_depth_ && num_tables_ <= max_tables_);
return Check(depth_ <= opts_.max_depth && num_tables_ <= opts_.max_tables);
}

// Called at the end of a table to pop the depth count.
Expand Down Expand Up @@ -288,9 +317,7 @@ class Verifier FLATBUFFERS_FINAL_CLASS {
private:
const uint8_t *buf_;
const size_t size_;
const uoffset_t max_depth_;
const uoffset_t max_tables_;
const bool check_alignment_;
const Options opts_;

mutable size_t upper_bound_;

Expand Down
8 changes: 8 additions & 0 deletions tests/test.cpp
View file
Open in desktop
Expand Up @@ -1084,6 +1084,14 @@ void NestedVerifierTest() {
flatbuffers::Verifier verifier(builder.GetBufferPointer(),
builder.GetSize());
TEST_EQ(false, VerifyMonsterBuffer(verifier));

// Verify the root monster succeeds, since we've disabled checking nested
// flatbuffers
flatbuffers::Verifier::Options options;
options.check_nested_flatbuffers = false;
flatbuffers::Verifier no_check_nested(builder.GetBufferPointer(),
builder.GetSize(), options);
TEST_EQ(true, VerifyMonsterBuffer(no_check_nested));
}

{
Expand Down