[NRBF] throw SerializationException when a surrogate character is read by adamsitnik · Pull Request #107532 · dotnet/runtime (original) (raw)

• [NRBF] Don't use Unsafe.As when decoding DateTime(s) (#105749)

• Add NrbfDecoder Fuzzer (#107385)

• [NRBF] Fix bugs discovered by the fuzzer (#107368)

• bug #1: don't allow for values out of the SerializationRecordType enum range

• bug #2: throw SerializationException rather than KeyNotFoundException when the referenced record is missing or it points to a record of different type

• bug #3: throw SerializationException rather than FormatException when it's being thrown by BinaryReader (or sth else that we use)

• bug #4: document the fact that IOException can be thrown

• bug #5: throw SerializationException rather than OverflowException when parsing the decimal fails

• bug #6: 0 and 17 are illegal values for PrimitiveType enum

• bug #7: throw SerializationException when a surrogate character is read (so far an ArgumentException was thrown)

Conflicts:

src/libraries/System.Formats.Nrbf/src/System/Formats/Nrbf/NrbfDecoder.cs

• [NRBF] throw SerializationException when a surrogate character is read (#107532)

(so far an ArgumentException was thrown)

• [NRBF] Fuzzing non-seekable stream input (#107605)

• [NRBF] More bug fixes (#107682)

• Don't use Debug.Fail not followed by an exception (it may cause problems for apps deployed in Debug)
• avoid Int32 overflow
• throw for unexpected enum values just in case parsing has not rejected them
• validate the number of chars read by BinaryReader.ReadChars
• pass serialization record id to ex message
• return false rather than throw EndOfStreamException when provided Stream has not enough data
• don't restore the position in finally
• limit max SZ and MD array length to Array.MaxLength, stop using LinkedList as List will be able to hold all elements now
• remove internal enum values that were always illegal, but needed to be handled everywhere
• Fix DebuggerDisplay

• [NRBF] Comments and bug fixes from internal code review (#107735)

• copy comments and asserts from Levis internal code review

• apply Levis suggestion: don't store Array.MaxLength as a const, as it may change in the future

• add missing and fix some of the existing comments

• first bug fix: SerializationRecord.TypeNameMatches should throw ArgumentNullException for null Type argument

• second bug fix: SerializationRecord.TypeNameMatches should know the difference between SZArray and single-dimension, non-zero offset arrays (example: int[] and int[*])

• third bug fix: don't cast bytes to booleans

• fourth bug fix: don't cast bytes to DateTimes

• add one test case that I've forgot in previous PR

Conflicts:

src/libraries/System.Formats.Nrbf/src/System/Formats/Nrbf/SerializationRecord.cs

• [NRBF] Address issues discovered by Threat Model (#106629)

• introduce ArrayRecord.FlattenedLength

• do not include invalid Type or Assembly names in the exception messages, as it's most likely corrupted/tampered/malicious data and could be used as a vector of attack.

• It is possible to have binary array records have an element type of array without being marked as jagged

Co-authored-by: Buyaa Namnan bunamnan@microsoft.com