commit 2989b23b93bd21ab5fe7e37b8a38950a886d07e8
parent d12ff18dd999f522c2311c191843d74f8eb27a63
Author: lash <dev@holbrook.no>
Date: Thu, 6 Apr 2023 12:41:36 +0100
Add input format checker in engine
Diffstat:
3 files changed, 33 insertions(+), 3 deletions(-)
diff --git a/go/engine/engine.go b/go/engine/engine.go
@@ -5,11 +5,16 @@ import (
"fmt"
"io"
"log"
+ "regexp"
"git.defalsify.org/festive/resource"
"git.defalsify.org/festive/state"
"git.defalsify.org/festive/vm"
)
+
+var (
+ inputRegex = regexp.MustCompile("^[a-zA-Z0-9].*$")
+)
//
//type Config struct {
// FlagCount uint32
@@ -45,6 +50,13 @@ func(en *Engine) Init(sym string, ctx context.Context) error {
return nil
}
+func checkInput(input []byte) error {
+ if !inputRegex.Match(input) {
+ return fmt.Errorf("Invalid input format: %s", input)
+ }
+ return nil
+}
+
// Exec processes user input against the current state of the virtual machine environment.
//
// If successfully executed, output of the last execution is available using the WriteResult call.
@@ -56,7 +68,11 @@ func(en *Engine) Init(sym string, ctx context.Context) error {
// - no current bytecode is available
// - input processing against bytcode failed
func (en *Engine) Exec(input []byte, ctx context.Context) (bool, error) {
- err := en.st.SetInput(input)
+ err := checkInput(input)
+ if err != nil {
+ return false, err
+ }
+ err = en.st.SetInput(input)
if err != nil {
return false, err
}
diff --git a/go/engine/engine_test.go b/go/engine/engine_test.go
@@ -120,3 +120,19 @@ it has more lines
t.Fatalf("expected\n\t%s\ngot:\n\t%s\n", expect, b)
}
}
+
+func TestEngineExecInvalidInput(t *testing.T) {
+ st := state.NewState(17).WithCacheSize(1024)
+ generateTestData(t)
+ ctx := context.TODO()
+ rs := NewFsWrapper(dataDir, &st)
+ en := NewEngine(&st, &rs)
+ err := en.Init("root", ctx)
+ if err != nil {
+ t.Fatal(err)
+ }
+ _, err = en.Exec([]byte("_foo"), ctx)
+ if err == nil {
+ t.Fatalf("expected fail on invalid input")
+ }
+}
diff --git a/go/vm/runner_test.go b/go/vm/runner_test.go
@@ -89,8 +89,6 @@ func TestRun(t *testing.T) {
b := NewLine(nil, MOVE, []string{"foo"}, nil, nil)
b = NewLine(b, HALT, nil, nil, nil)
- //b := []byte{0x00, MOVE, 0x03}
- //b = append(b, []byte("foo")...)
_, err := Run(b, &st, &rs, context.TODO())
if err != nil {
t.Errorf("run error: %v", err)
