author | Kaz Kylheku <kaz@kylheku.com> | 2019-09-30 06:59:05 -0700 |
---|---|---|
committer | Kaz Kylheku <kaz@kylheku.com> | 2019-09-30 06:59:05 -0700 |
commit | 7098518a9bc43378afb5cbf599a074775c1d1d55 (patch) | |
tree | 4aef76fd2598ccdc4d5f1fb13fd056de8e19bb59 /regex.c | |
parent | 48ef128584e4b15c8b83de0f10f6d077031fa0ee (diff) | |
safety: fix type tests that code can subvert.
This patch fixes numerous instances of a safety hole which
involves the type of a COBJ object being tested to be of
a given class using logic that can be subverted by the
definition of a like-named struct.
Specifically logic like (typeof(obj) == hash_s) is broken,
because if a struct type called hash is defined, then the test
will yield true for instances of that struct type. Those
instances can then be passed into code that only works on COBJ
hashes, and relies on this test to reject invalid objects.
* ffi.c (make_carray): Replace fragile test with strong one,
using new cobjclassp function.
* hash.c (hashp): Likewise.
* lib.c (class_check): The expression used here for the type
test moves into the new function cobjclassp and so is replaced
by a call to that function.
(cobjclassp): New function.
* lib.h (cobjclassp): Declared.
* rand.c (random_state_p): Replace fragile test using
cobjclassp.
* regex.c (char_set_compile): Replace fragile typeof tests
for character type with is_chr.
(reg_derivative, regexp): Replace fragile test with cobjclassp.
* struct.c (struct_type_p): Replace fragile test with cobjclassp.
Diffstat (limited to 'regex.c')
-rw-r--r-- | regex.c | 12 |
1 files changed, 6 insertions, 6 deletions
@@ -682,7 +682,7 @@ static char_set_t *char_set_compile(val args, val comp)
 val from = car(item);
 val to = cdr(item);
- assert (typeof(from) == chr_s && typeof(to) == chr_s);
+ assert (is_chr(from) && is_chr(to));
 if (c_chr(from) < min)
 min = c_chr(from);
@@ -693,7 +693,7 @@ static char_set_t *char_set_compile(val args, val comp)
 min = c_chr(to);
 if (c_chr(to) > max)
 max = c_chr(to);
- } else if (typeof(item) == chr_s) {
+ } else if (is_chr(item)) {
 if (c_chr(item) < min)
 min = c_chr(item);
 if (c_chr(item) > max)
@@ -745,9 +745,9 @@ static char_set_t *char_set_compile(val args, val comp)
 val from = car(item);
 val to = cdr(item);
- assert (typeof(from) == chr_s && typeof(to) == chr_s);
+ assert (is_chr(from) && is_chr(to));
 char_set_add_range(set, c_chr(from), c_chr(to));
- } else if (typeof(item) == chr_s) {
+ } else if (is_chr(item)) {
 char_set_add(set, c_chr(item));
 } else if (item == space_k) {
 char_set_add_str(set, spaces);
@@ -1835,7 +1835,7 @@ static val reg_derivative(val exp, val ch)
 return t;
 } else if (chrp(exp)) {
 return null(eq(exp, ch));
- } else if (typeof(exp) == chset_s) {
+ } else if (cobjclassp(exp, chset_s)) {
 char_set_t *set = coerce(char_set_t *, exp->co.handle);
 return if3(char_set_contains(set, c_chr(ch)), nil, t);
 } else if (exp == wild_s) {
@@ -2240,7 +2240,7 @@ val regex_compile(val regex_sexp, val error_stream)
 val regexp(val obj)
 {
- return typeof(obj) == regex_s ? t : nil;
+ return cobjclassp(obj, regex_s);
 }
 val regex_source(val compiled_regex) |
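Review bot: The range-endpoint check in char_set_compile is still an `assert`, both in the first hunk (-682) and in the third (-745), so a build with NDEBUG defined performs no type test at that point before `c_chr(from)` and `c_chr(to)` are called. The commit message treats these tests as a safety boundary against objects supplied by user code, so the endpoint test should be a run-time rejection that survives release builds, unless `c_chr` itself validates its argument (not visible in these hunks). If `c_chr` does validate, a short comment next to the assert saying that the assertion is a debugging aid and that `c_chr` is the actual guard would stop a later reader from relying on the assert. The body of char_set_compile starts and ends outside these hunks.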
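Review bot: `regexp` in the last hunk (-2240) now returns whatever `cobjclassp` returns instead of an explicit `t` or `nil`, so the predicate's result depends on a helper in lib.c that this diff does not show. Its use as a bare condition in reg_derivative suggests it yields nil for false, but the contract is worth pinning where callers will read it. I would add a comment above the function, for example `/* Returns t only for a COBJ whose class is regex_s; an instance of a struct type named regex does not qualify. */`. That also records why the plain `typeof` comparison must not be reintroduced here.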