Differences From Artifact [d21c98d61f]:
- File
src/OFDataArray+MessagePackValue.m
— part of check-in
[4af49a13c3]
at
2017-05-07 20:10:13
on branch trunk
— Small code style change
Casts are now written like types in variable declarations. (user: js, size: 11516) [annotate] [blame] [check-ins using]
To Artifact [c085900a12]:
- File src/OFDataArray+MessagePackValue.m — part of check-in [c0d8a3426c] at 2017-05-13 23:27:40 on branch trunk — Add depth limit for MessagePack (user: js, size: 12088) [annotate] [blame] [check-ins using]
︙ | ︙ | |||
25 26 27 28 29 30 31 | #import "OFDictionary.h" #import "OFMessagePackExtension.h" #import "OFInvalidFormatException.h" int _OFDataArray_MessagePackValue_reference; | | > | 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 | #import "OFDictionary.h" #import "OFMessagePackExtension.h" #import "OFInvalidFormatException.h" int _OFDataArray_MessagePackValue_reference; static size_t parseObject(const uint8_t *buffer, size_t length, id *object, size_t depthLimit); static uint16_t readUInt16(const uint8_t *buffer) { return ((uint16_t)buffer[0] << 8) | buffer[1]; } |
︙ | ︙ | |||
50 51 52 53 54 55 56 | return ((uint64_t)buffer[0] << 56) | ((uint64_t)buffer[1] << 48) | ((uint64_t)buffer[2] << 40) | ((uint64_t)buffer[3] << 32) | ((uint64_t)buffer[4] << 24) | ((uint64_t)buffer[5] << 16) | ((uint64_t)buffer[6] << 8) | buffer[7]; } static size_t | | > > > > > > | > | > > > > > > | > | > | > | 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 | return ((uint64_t)buffer[0] << 56) | ((uint64_t)buffer[1] << 48) | ((uint64_t)buffer[2] << 40) | ((uint64_t)buffer[3] << 32) | ((uint64_t)buffer[4] << 24) | ((uint64_t)buffer[5] << 16) | ((uint64_t)buffer[6] << 8) | buffer[7]; } static size_t parseArray(const uint8_t *buffer, size_t length, id *object, size_t count, size_t depthLimit) { void *pool; size_t pos = 0; if (--depthLimit == 0) { *object = nil; return 0; } /* * Don't use capacity! For data and strings, this is safe, as we can * check if we still have enough bytes left. For an array however, we * can't know this, as every child can be more than one byte. */ *object = [OFMutableArray array]; for (size_t i = 0; i < count; i++) { id child; size_t childLength; pool = objc_autoreleasePoolPush(); childLength = parseObject(buffer + pos, length - pos, &child, depthLimit); if (childLength == 0 || child == nil) { objc_autoreleasePoolPop(pool); *object = nil; return 0; } pos += childLength; [*object addObject: child]; objc_autoreleasePoolPop(pool); } return pos; } static size_t parseTable(const uint8_t *buffer, size_t length, id *object, size_t count, size_t depthLimit) { void *pool; size_t pos = 0; if (--depthLimit == 0) { *object = nil; return 0; } /* * Don't use capacity! For data and strings, this is safe, as we can * check if we still have enough bytes left. For a dictionary however, * we can't know this, as every key / value can be more than one byte. */ *object = [OFMutableDictionary dictionary]; for (size_t i = 0; i < count; i++) { id key, value; size_t keyLength, valueLength; pool = objc_autoreleasePoolPush(); keyLength = parseObject(buffer + pos, length - pos, &key, depthLimit); if (keyLength == 0 || key == nil) { objc_autoreleasePoolPop(pool); *object = nil; return 0; } pos += keyLength; valueLength = parseObject(buffer + pos, length - pos, &value, depthLimit); if (valueLength == 0 || value == nil) { objc_autoreleasePoolPop(pool); *object = nil; return 0; } pos += valueLength; [*object setObject: value forKey: key]; objc_autoreleasePoolPop(pool); } return pos; } static size_t parseObject(const uint8_t *buffer, size_t length, id *object, size_t depthLimit) { size_t count; int8_t type; OFDataArray *data; if (length < 1) goto error; |
︙ | ︙ | |||
169 170 171 172 173 174 175 | length: count]; return count + 1; } /* fixarray */ if ((buffer[0] & 0xF0) == 0x90) return parseArray(buffer + 1, length - 1, object, | | | | 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 | length: count]; return count + 1; } /* fixarray */ if ((buffer[0] & 0xF0) == 0x90) return parseArray(buffer + 1, length - 1, object, buffer[0] & 0xF, depthLimit) + 1; /* fixmap */ if ((buffer[0] & 0xF0) == 0x80) return parseTable(buffer + 1, length - 1, object, buffer[0] & 0xF, depthLimit) + 1; /* Prefix byte */ switch (*buffer) { /* Unsigned integers */ case 0xCC: /* uint8 */ if (length < 2) goto error; |
︙ | ︙ | |||
423 424 425 426 427 428 429 | extensionWithType: type data: data]; } @finally { [data release]; } return 4; | | | | 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 | extensionWithType: type data: data]; } @finally { [data release]; } return 4; case 0xD6: /* fixext 4 */ if (length < 6) goto error; type = buffer[1]; data = [[OFDataArray alloc] initWithCapacity: 4]; @try { [data addItems: buffer + 2 count: 4]; *object = [OFMessagePackExtension extensionWithType: type data: data]; } @finally { [data release]; } return 6; case 0xD7: /* fixext 8 */ if (length < 10) goto error; type = buffer[1]; data = [[OFDataArray alloc] initWithCapacity: 8]; @try { |
︙ | ︙ | |||
526 527 528 529 530 531 532 | return count + 5; /* Arrays */ case 0xDC: /* array 16 */ if (length < 3) goto error; return parseArray(buffer + 3, length - 3, object, | | | | | > > > > > > | > > > > | 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 | return count + 5; /* Arrays */ case 0xDC: /* array 16 */ if (length < 3) goto error; return parseArray(buffer + 3, length - 3, object, readUInt16(buffer + 1), depthLimit) + 3; case 0xDD: /* array 32 */ if (length < 5) goto error; return parseArray(buffer + 5, length - 5, object, readUInt32(buffer + 1), depthLimit) + 5; /* Maps */ case 0xDE: /* map 16 */ if (length < 3) goto error; return parseTable(buffer + 3, length - 3, object, readUInt16(buffer + 1), depthLimit) + 3; case 0xDF: /* map 32 */ if (length < 5) goto error; return parseTable(buffer + 5, length - 5, object, readUInt32(buffer + 1), depthLimit) + 5; } error: *object = nil; return 0; } @implementation OFDataArray (MessagePackValue) - (id)messagePackValue { return [self messagePackValueWithDepthLimit: 32]; } - (id)messagePackValueWithDepthLimit: (size_t)depthLimit { void *pool = objc_autoreleasePoolPush(); size_t count = [self count]; id object; if (parseObject([self items], count, &object, depthLimit) != count || object == nil) @throw [OFInvalidFormatException exception]; [object retain]; objc_autoreleasePoolPop(pool); return object; } @end |