Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[NRBF] throw SerializationException when a surrogate character is read #107532

Merged
merged 1 commit into from
Sep 10, 2024
Merged

[NRBF] throw SerializationException when a surrogate character is read #107532

merged 1 commit into from
Sep 10, 2024

Conversation

adamsitnik
Copy link
Member

(so far an ArgumentException was thrown)

fixes #107515

@adamsitnik adamsitnik self-assigned this Sep 9, 2024
@adamsitnik
Copy link
Member Author

@MihuBot fuzz NrbfDecoder

@MihuBot MihuBot mentioned this pull request Sep 9, 2024
Open
@adamsitnik adamsitnik changed the title [NRB] throw SerializationException when a surrogate character is read [NRBF] throw SerializationException when a surrogate character is read Sep 9, 2024
buyaa-n
buyaa-n approved these changes Sep 10, 2024
View reviewed changes
Copy link
Member

@buyaa-n buyaa-n left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks

@adamsitnik adamsitnik merged commit 1705cb2 into dotnet:main Sep 10, 2024
83 of 85 checks passed
@build-analysis build-analysis bot mentioned this pull request Sep 11, 2024
Open
3 tasks
adamsitnik added a commit to adamsitnik/runtime that referenced this pull request Sep 13, 2024
@adamsitnik
[NRBF] throw SerializationException when a surrogate character is read (
02e8bb0 
dotnet#107532)

 (so far an ArgumentException was thrown)
@adamsitnik adamsitnik mentioned this pull request Sep 13, 2024
Merged
4 tasks
jtschuster pushed a commit to jtschuster/runtime that referenced this pull request Sep 17, 2024
@adamsitnik @jtschuster
[NRBF] throw SerializationException when a surrogate character is read (
5832f68 
dotnet#107532)

 (so far an ArgumentException was thrown)
carlossanlop pushed a commit that referenced this pull request Sep 17, 2024
@adamsitnik @buyaa-n
[release/9.0-rc2] NRBF Fuzzer and bug fixes (#107788)
fde8a3b 
* [NRBF] Don't use Unsafe.As when decoding DateTime(s) (#105749)

* Add NrbfDecoder Fuzzer (#107385)

* [NRBF] Fix bugs discovered by the fuzzer (#107368)

* bug #1: don't allow for values out of the SerializationRecordType enum range

* bug #2: throw SerializationException rather than KeyNotFoundException when the referenced record is missing or it points to a record of different type

* bug #3: throw SerializationException rather than FormatException when it's being thrown by BinaryReader (or sth else that we use)

* bug #4: document the fact that IOException can be thrown

* bug #5: throw SerializationException rather than OverflowException when parsing the decimal fails

* bug #6: 0 and 17 are illegal values for PrimitiveType enum

* bug #7: throw SerializationException when a surrogate character is read (so far an ArgumentException was thrown)
# Conflicts:
#	src/libraries/System.Formats.Nrbf/src/System/Formats/Nrbf/NrbfDecoder.cs

* [NRBF] throw SerializationException when a surrogate character is read (#107532)

 (so far an ArgumentException was thrown)

* [NRBF] Fuzzing non-seekable stream input (#107605)

* [NRBF] More bug fixes (#107682)

- Don't use `Debug.Fail` not followed by an exception (it may cause problems for apps deployed in Debug)
- avoid Int32 overflow
- throw for unexpected enum values just in case parsing has not rejected them
- validate the number of chars read by BinaryReader.ReadChars
- pass serialization record id to ex message
- return false rather than throw EndOfStreamException when provided Stream has not enough data
- don't restore the position in finally 
- limit max SZ and MD array length to Array.MaxLength, stop using LinkedList<T> as List<T> will be able to hold all elements now
- remove internal enum values that were always illegal, but needed to be handled everywhere
- Fix DebuggerDisplay

* [NRBF] Comments and bug fixes from internal code review (#107735)

* copy comments and asserts from Levis internal code review

* apply Levis suggestion: don't store Array.MaxLength as a const, as it may change in the future

* add missing and fix some of the existing comments

* first bug fix: SerializationRecord.TypeNameMatches should throw ArgumentNullException for null Type argument

* second bug fix: SerializationRecord.TypeNameMatches should know the difference between SZArray and single-dimension, non-zero offset arrays (example: int[] and int[*])

* third bug fix: don't cast bytes to booleans

* fourth bug fix: don't cast bytes to DateTimes

* add one test case that I've forgot in previous PR
# Conflicts:
#	src/libraries/System.Formats.Nrbf/src/System/Formats/Nrbf/SerializationRecord.cs

* [NRBF] Address issues discovered by Threat Model  (#106629)

* introduce ArrayRecord.FlattenedLength

* do not include invalid Type or Assembly names in the exception messages, as it's most likely corrupted/tampered/malicious data and could be used as a vector of attack.

* It is possible to have binary array records have an element type of array without being marked as jagged

---------

Co-authored-by: Buyaa Namnan <bunamnan@microsoft.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@buyaa-n buyaa-n buyaa-n approved these changes

Assignees

@adamsitnik adamsitnik

Labels
area-System.Formats.Nrbf
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Fuzzing] NrbfDecoderFuzzer: The output char buffer is too small to contain the decoded characters
2 participants
@adamsitnik @buyaa-n