Backport soundness fix

Dániel Buga 2024-10-21 13:50:23 +02:00
parent 701c9d1764
commit 7cdbfdbbd1
No known key found for this signature in database
4 changed files with 46 additions and 12 deletions


@ -1,6 +1,6 @@
[package]
name = "embassy-executor-macros"
version = "0.4.1"
version = "0.4.2"
edition = "2021"
license = "MIT OR Apache-2.0"
description = "macros for creating the entry point and tasks for embassy-executor"
@ -13,7 +13,7 @@ categories = [
]
[dependencies]
syn = { version = "2.0.15", features = ["full", "extra-traits"] }
syn = { version = "2.0.15", features = ["full", "visit"] }
quote = "1.0.9"
darling = "0.20.1"
proc-macro2 = "1.0.29"


@ -2,6 +2,7 @@ use darling::export::NestedMeta;
use darling::FromMeta;
use proc_macro2::{Span, TokenStream};
use quote::{format_ident, quote};
use syn::visit::Visit;
use syn::{parse_quote, Expr, ExprLit, ItemFn, Lit, LitInt, ReturnType, Type};
use crate::util::ctxt::Ctxt;
@ -57,15 +58,18 @@ pub fn run(args: &[NestedMeta], f: syn::ItemFn) -> Result<TokenStream, TokenStre
syn::FnArg::Receiver(_) => {
ctxt.error_spanned_by(arg, "task functions must not have receiver arguments");
}
syn::FnArg::Typed(t) => match t.pat.as_mut() {
syn::Pat::Ident(id) => {
id.mutability = None;
args.push((id.clone(), t.attrs.clone()));
syn::FnArg::Typed(t) => {
check_arg_ty(&t.ty)?;
match t.pat.as_mut() {
syn::Pat::Ident(id) => {
id.mutability = None;
args.push((id.clone(), t.attrs.clone()));
}
_ => {
ctxt.error_spanned_by(arg, "pattern matching in task arguments is not yet supported");
}
}
_ => {
ctxt.error_spanned_by(arg, "pattern matching in task arguments is not yet supported");
}
},
}
}
}
@ -123,3 +127,27 @@ pub fn run(args: &[NestedMeta], f: syn::ItemFn) -> Result<TokenStream, TokenStre
Ok(result)
}
fn check_arg_ty(ty: &Type) -> Result<(), TokenStream> {
struct Visitor {
errors: Option<TokenStream>,
}
impl<'ast> Visit<'ast> for Visitor {
fn visit_type_impl_trait(&mut self, i: &'ast syn::TypeImplTrait) {
use syn::spanned::Spanned;
self.errors = Some(quote::quote_spanned! { i.span() =>
compile_error!("`impl Trait` is not allowed in task arguments. It is syntax sugar for generics, and tasks can't be generic.");
});
}
}
let mut visitor = Visitor { errors: None };
Visit::visit_type(&mut visitor, ty);
if let Some(errors) = visitor.errors {
Err(errors)
} else {
Ok(())
}
}
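Review bot: `check_arg_ty(&t.ty)?` in the `syn::FnArg::Typed` arm returns from `run` on the first `impl Trait` argument, whereas the neighbouring arms record their diagnostics through `ctxt.error_spanned_by` and continue. Errors already collected in `ctxt` for earlier arguments therefore appear to be dropped on this path. Inside the visitor each match also overwrites `self.errors`, so only the last `impl Trait` in a type is reported. Passing the context into the check keeps the rejection and reports everything in one pass, as sketched below; this assumes `Ctxt::error_spanned_by` takes `&self` and that `run` checks `ctxt` before emitting any task code, neither of which is visible here because the body of `run` continues outside these hunks. Since this check is what prevents the out-of-bounds access described in the changelog, `check_arg_ty` also deserves a doc comment such as `/// Rejects impl Trait anywhere in a task argument type: tasks cannot be generic, and allowing it was unsound.`

```rust
// call site, in the `syn::FnArg::Typed(t)` arm:
check_arg_ty(&ctxt, &t.ty);
// … unchanged: match on `t.pat.as_mut()` …

fn check_arg_ty(ctxt: &Ctxt, ty: &Type) {
    struct Visitor<'a> {
        ctxt: &'a Ctxt,
    }

    impl<'a, 'ast> Visit<'ast> for Visitor<'a> {
        fn visit_type_impl_trait(&mut self, i: &'ast syn::TypeImplTrait) {
            // Record through the shared context so every offending argument is reported,
            // together with any other diagnostics already collected.
            self.ctxt.error_spanned_by(
                i,
                "`impl Trait` is not allowed in task arguments. It is syntax sugar for generics, and tasks can't be generic.",
            );
        }
    }

    Visit::visit_type(&mut Visitor { ctxt }, ty);
}
```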


@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## Unreleased
## 0.5.1 - 2024-10-21
- Soundness fix: Deny using `impl Trait` in task arguments. This was previously accidentally allowed when not using the `nightly` feature,
and could cause out of bounds memory accesses if spawning the same task mulitple times with different underlying types
for the `impl Trait`.
## 0.5.0 - 2024-01-11
- Updated to `embassy-time-driver 0.1`, `embassy-time-queue-driver 0.1`, compatible with `embassy-time v0.3` and higher.


@ -1,6 +1,6 @@
[package]
name = "embassy-executor"
version = "0.5.0"
version = "0.5.1"
edition = "2021"
license = "MIT OR Apache-2.0"
description = "async/await executor designed for embedded usage"
@ -33,7 +33,7 @@ defmt = { version = "0.3", optional = true }
log = { version = "0.4.14", optional = true }
rtos-trace = { version = "0.1.2", optional = true }
embassy-executor-macros = { version = "0.4.0", path = "../embassy-executor-macros" }
embassy-executor-macros = { version = "0.4.2", path = "../embassy-executor-macros" }
embassy-time-driver = { version = "0.1.0", path = "../embassy-time-driver", optional = true }
embassy-time-queue-driver = { version = "0.1.0", path = "../embassy-time-queue-driver", optional = true }
critical-section = "1.1"