VerifyKey() returns true on the first non-zero byte instead of
checking for a null terminator. This causes VerifyBuffer() to accept
FlexBuffers with non-null-terminated keys. Subsequent access to those
keys via strlen()/strcmp() reads out of bounds.
The condition if (*p++) should be if (!*p++) — return true
when a null terminator is found, not when any non-zero byte is found.
Confirmed with AddressSanitizer: heap-buffer-overflow in strlen()
after VerifyBuffer() returns true on a corrupted buffer.
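
The two conditions from the commit message above, side by side, as an added illustration that is not the FlatBuffers source. The function names, the (buf, size, off) signature and the sample byte arrays are assumptions constructed here.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the buggy check: accepts on the first
 * non-zero byte, so a key with no terminator still verifies. */
static bool verify_key_buggy(const uint8_t *buf, size_t size, size_t off) {
    if (off >= size) return false;
    for (const uint8_t *p = buf + off; p < buf + size;)
        if (*p++) return true;
    return false;
}

/* Hypothetical stand-in for the corrected check: accepts only when a
 * 0 terminator lies inside [off, size), so strlen() stays in bounds. */
static bool verify_key_fixed(const uint8_t *buf, size_t size, size_t off) {
    if (off >= size) return false;
    for (const uint8_t *p = buf + off; p < buf + size;)
        if (!*p++) return true;
    return false;
}

/* Constructed sample buffers (not real FlexBuffers encodings). */
static const uint8_t terminated[]   = { 'n', 'a', 'm', 'e', 0 };
static const uint8_t unterminated[] = { 'n', 'a', 'm', 'e', '!' };
static const uint8_t empty_key[]    = { 0 };

int main(void) {
    printf("unterminated key: buggy=%d fixed=%d\n",
           verify_key_buggy(unterminated, sizeof unterminated, 0),
           verify_key_fixed(unterminated, sizeof unterminated, 0));
    printf("terminated key:   buggy=%d fixed=%d\n",
           verify_key_buggy(terminated, sizeof terminated, 0),
           verify_key_fixed(terminated, sizeof terminated, 0));
    /* The inverted test also rejects a valid empty key at buffer end. */
    printf("empty key:        buggy=%d fixed=%d\n",
           verify_key_buggy(empty_key, sizeof empty_key, 0),
           verify_key_fixed(empty_key, sizeof empty_key, 0));
    return 0;
}
```
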
A blob is an array of bytes and has no intrinsic alignment (i.e. the
alignment is 1). The alignment of the existing flexbuffers blob is
solely affected by the width of the integer needed to store the blob's
size: that integer's width becomes the alignment of the blob.
The proposed AlignedBlob function here piggybacks on this effect and
simply uses a user-defined alignment for the width of the integer that
stores the blob's size; this automatically imparts that same alignment
on the blob itself. (The width is bounded below by the actual width
needed to store the blob's size.)
The ability to control the alignment of a blob is important for use
cases in which the blob itself stores structured data that we want to
access without further copies (e.g. other flatbuffer messages).
* Update build.yml
Upgrade to gcc 13 and clang 15
* switch to __is_trivially_copyable
* fix cmake issue and warning about sign comparison
* Use libc++ for C++23 on clang for now
* Use libc++ for C++23 on clang for now
* exclude clang+15 for C++13 builds
* code gen flexbuffer verifier
* remove verify nested flexbuffers from flexbuffers
* made function static, and placed higher in file
* moved function to own header
FlexBuffers are used by custom op handlers for TFLite. Using the optimized path for ReadUInt64 in FlexBuffers causes a crash in models using custom ops on the win32 build. This change fixes the problem by using the unoptimized implementation of ReadUInt64 for win32.
ARM64EC is a new ARM64 ABI designed by Microsoft to support x64 application emulation on ARM64 CPUs. When compiling for ARM64EC, both the _M_X64 and _M_ARM64EC macros are defined. However, that causes a problem when compiling this file, because the __movsb intrinsic, which is lowered to rep movsb, is not supported on ARM64, so the optimization for native x64 should be disabled for ARM64EC.
- add a new method ParseJson to minimize failures during fuzzing
- add default (conditional) move-constructor for Parser
- add a new monster_fuzzer
- switch fuzzers to C++17 and `test/cpp17` generated code
Add static cast from float to double in flexbuffers.h to avoid implicit double promotion error. This error is surfacing during the tensorflow lite for microcontrollers build since we enabled -Werror and -Wdouble-promotion.
Number of elements on the stack shouldn't affect the calculation
of ElemWidth(). Variable 'start' needs to be subtracted from the
loop variable 'i' to make indexing zero-based.
There is an additional unit test to pack nested vectors. Size of
the packed buffer *without* this fix is 798 and only 664 bytes
*with* the fix.
* Fixed refactoring issue in reflection/generate_code.sh. Also, mv deletes the original file, so I don't need to clean it up manually in that case.
* Added --filename-suffix and --filename-ext to flatc
* Fixed typo and added example generation of suffix and extension for C++
* Removed extra ;
* Removed clang-format block from a region that didn't need it. Fixed an auto format of another clang-format block
* Added docs, fixed pointer alignment, removed suffix test file
This means data written with older versions of this code has
potentially misaligned data, which we'll need to support.
This isn't a problem on most architectures, but could be on
older ARM chips. To support them properly may require swapping
out uses of `flatbuffers::ReadScalar` with a version that does a
memcpy internally.
Change-Id: Ib352aab4a586f3a8c6602fb25488dcfff61e06e0
* Automatic refactor of C++ headers to Google C++ style guide
* Automatic refactor of C++ source to Google C++ style guide
* Automatic refactor of C++ tests to Google C++ style guide
* Fixed clang-format issues by running clang-format twice to correct itself. Kotlin was missing clang-format on after turning it off, so it was changed,
With the introduction of Windows 10 on ARM (ARM64), code that assumes
that Windows targets are always x86 or x86_64 targets needs to be
updated.
The hot function ReadUInt64 has been optimized in MSVC builds using the
compiler intrinsic __movsb. Since this does not exist on ARM64 Windows,
this change uses the pure C++ path that other platforms use instead.