Limit the maximum size of string/bytes values (#121)

* add tengo.MaxStringLen and tengo.MaxBytesLen to limit the maximum byte-length of string/bytes values

* add couple more tests

compiler/compiler.go

@@ -5,6 +5,7 @@ import (
 	"io"
 	"reflect"
 
+	"github.com/d5/tengo"
 	"github.com/d5/tengo/compiler/ast"
 	"github.com/d5/tengo/compiler/source"
 	"github.com/d5/tengo/compiler/token"
@@ -195,6 +196,10 @@ func (c *Compiler) Compile(node ast.Node) error {
 		}
 
 	case *ast.StringLit:
+		if len(node.Value) > tengo.MaxStringLen {
+			return c.error(node, objects.ErrStringLimit)
+		}
+
 		c.emit(node, OpConstant, c.addConstant(&objects.String{Value: node.Value}))
 
 	case *ast.CharLit:
@@ -332,6 +337,9 @@ func (c *Compiler) Compile(node ast.Node) error {
 	case *ast.MapLit:
 		for _, elt := range node.Elements {
 			// key
+			if len(elt.Key) > tengo.MaxStringLen {
+				return c.error(node, objects.ErrStringLimit)
+			}
 			c.emit(node, OpConstant, c.addConstant(&objects.String{Value: elt.Key}))
 
 			// value
@@ -507,6 +515,10 @@ func (c *Compiler) Compile(node ast.Node) error {
 
 	case *ast.ImportExpr:
 		if c.builtinModules[node.ModuleName] {
+			if len(node.ModuleName) > tengo.MaxStringLen {
+				return c.error(node, objects.ErrStringLimit)
+			}
+
 			c.emit(node, OpConstant, c.addConstant(&objects.String{Value: node.ModuleName}))
 			c.emit(node, OpGetBuiltinModule)
 		} else {
@@ -610,6 +622,14 @@ func (c *Compiler) fork(file *source.File, moduleName string, symbolTable *Symbo
 	return child
 }
 
+func (c *Compiler) error(node ast.Node, err error) error {
+	return &Error{
+		fileSet: c.file.Set(),
+		node:    node,
+		error:   err,
+	}
+}
+
 func (c *Compiler) errorf(node ast.Node, format string, args ...interface{}) error {
 	return &Error{
 		fileSet: c.file.Set(),

objects/builtin_convert.go

@@ -1,5 +1,7 @@
 package objects
 
+import "github.com/d5/tengo"
+
 func builtinString(args ...Object) (Object, error) {
 	argsLen := len(args)
 	if !(argsLen == 1 || argsLen == 2) {
@@ -12,6 +14,10 @@ func builtinString(args ...Object) (Object, error) {
 
 	v, ok := ToString(args[0])
 	if ok {
+		if len(v) > tengo.MaxStringLen {
+			return nil, ErrStringLimit
+		}
+
 		return &String{Value: v}, nil
 	}
 
@@ -117,11 +123,19 @@ func builtinBytes(args ...Object) (Object, error) {
 
 	// bytes(N) => create a new bytes with given size N
 	if n, ok := args[0].(*Int); ok {
+		if n.Value > int64(tengo.MaxBytesLen) {
+			return nil, ErrBytesLimit
+		}
+
 		return &Bytes{Value: make([]byte, int(n.Value))}, nil
 	}
 
 	v, ok := ToByteSlice(args[0])
 	if ok {
+		if len(v) > tengo.MaxBytesLen {
+			return nil, ErrBytesLimit
+		}
+
 		return &Bytes{Value: v}, nil
 	}
 

objects/builtin_json.go

@@ -2,6 +2,8 @@ package objects
 
 import (
 	"encoding/json"
+
+	"github.com/d5/tengo"
 )
 
 // to_json(v object) => bytes
@@ -15,6 +17,10 @@ func builtinToJSON(args ...Object) (Object, error) {
 		return &Error{Value: &String{Value: err.Error()}}, nil
 	}
 
+	if len(res) > tengo.MaxBytesLen {
+		return nil, ErrBytesLimit
+	}
+
 	return &Bytes{Value: res}, nil
 }
 

objects/builtin_print.go

@@ -2,6 +2,8 @@ package objects
 
 import (
 	"fmt"
+
+	"github.com/d5/tengo"
 )
 
 // print(args...)
@@ -71,5 +73,11 @@ func builtinSprintf(args ...Object) (Object, error) {
 		formatArgs[idx] = objectToInterface(arg)
 	}
 
-	return &String{Value: fmt.Sprintf(format.Value, formatArgs...)}, nil
+	s := fmt.Sprintf(format.Value, formatArgs...)
+
+	if len(s) > tengo.MaxStringLen {
+		return nil, ErrStringLimit
+	}
+
+	return &String{Value: s}, nil
 }

objects/bytes.go

@@ -3,6 +3,7 @@ package objects
 import (
 	"bytes"
 
+	"github.com/d5/tengo"
 	"github.com/d5/tengo/compiler/token"
 )
 
@@ -27,6 +28,10 @@ func (o *Bytes) BinaryOp(op token.Token, rhs Object) (Object, error) {
 	case token.Add:
 		switch rhs := rhs.(type) {
 		case *Bytes:
+			if len(o.Value)+len(rhs.Value) > tengo.MaxBytesLen {
+				return nil, ErrBytesLimit
+			}
+
 			return &Bytes{Value: append(o.Value, rhs.Value...)}, nil
 		}
 	}

objects/conversion.go

@@ -4,6 +4,8 @@ import (
 	"fmt"
 	"strconv"
 	"time"
+
+	"github.com/d5/tengo"
 )
 
 // ToString will try to convert object o to string value.
@@ -194,6 +196,9 @@ func FromInterface(v interface{}) (Object, error) {
 	case nil:
 		return UndefinedValue, nil
 	case string:
+		if len(v) > tengo.MaxStringLen {
+			return nil, ErrStringLimit
+		}
 		return &String{Value: v}, nil
 	case int64:
 		return &Int{Value: v}, nil
@@ -211,6 +216,9 @@ func FromInterface(v interface{}) (Object, error) {
 	case float64:
 		return &Float{Value: v}, nil
 	case []byte:
+		if len(v) > tengo.MaxBytesLen {
+			return nil, ErrBytesLimit
+		}
 		return &Bytes{Value: v}, nil
 	case error:
 		return &Error{Value: &String{Value: v.Error()}}, nil

objects/errors.go

@@ -20,6 +20,12 @@ var ErrInvalidOperator = errors.New("invalid operator")
 // ErrWrongNumArguments represents a wrong number of arguments error.
 var ErrWrongNumArguments = errors.New("wrong number of arguments")
 
+// ErrBytesLimit represents an error where the size of bytes value exceeds the limit.
+var ErrBytesLimit = errors.New("exceeding bytes size limit")
+
+// ErrStringLimit represents an error where the size of string value exceeds the limit.
+var ErrStringLimit = errors.New("exceeding string size limit")
+
 // ErrInvalidArgumentType represents an invalid argument value type error.
 type ErrInvalidArgumentType struct {
 	Name     string

objects/string.go

@@ -3,6 +3,7 @@ package objects
 import (
 	"strconv"
 
+	"github.com/d5/tengo"
 	"github.com/d5/tengo/compiler/token"
 )
 
@@ -28,9 +29,16 @@ func (o *String) BinaryOp(op token.Token, rhs Object) (Object, error) {
 	case token.Add:
 		switch rhs := rhs.(type) {
 		case *String:
+			if len(o.Value)+len(rhs.Value) > tengo.MaxStringLen {
+				return nil, ErrStringLimit
+			}
 			return &String{Value: o.Value + rhs.Value}, nil
 		default:
-			return &String{Value: o.Value + rhs.String()}, nil
+			rhsStr := rhs.String()
+			if len(o.Value)+len(rhsStr) > tengo.MaxStringLen {
+				return nil, ErrStringLimit
+			}
+			return &String{Value: o.Value + rhsStr}, nil
 		}
 	}
 

runtime/vm_assignment_test.go

@@ -193,8 +193,8 @@ out = func() {
 `, 136)
 
 	// assigning different type value
-	expect(t, `a := 1; a = "foo"; out = a`, "foo")                                                 // global
-	expect(t, `func() { a := 1; a = "foo"; out = a }()`, "foo")                                    // local
+	expect(t, `a := 1; a = "foo"; out = a`, "foo")              // global
+	expect(t, `func() { a := 1; a = "foo"; out = a }()`, "foo") // local
 	expect(t, `
 out = func() { 
 	a := 5

runtime/vm_builtin_test.go

@@ -3,6 +3,7 @@ package runtime_test
 import (
 	"testing"
 
+	"github.com/d5/tengo"
 	"github.com/d5/tengo/objects"
 )
 
@@ -193,3 +194,17 @@ func TestBuiltinFunction(t *testing.T) {
 	expect(t, `a := func(x) { return func() { return x } }; out = is_callable(a(5))`, true)                   // closure
 	expectWithSymbols(t, `out = is_callable(x)`, true, SYM{"x": &StringArray{Value: []string{"foo", "bar"}}}) // user object
 }
+
+func TestBytesN(t *testing.T) {
+	curMaxBytesLen := tengo.MaxBytesLen
+	defer func() { tengo.MaxBytesLen = curMaxBytesLen }()
+	tengo.MaxBytesLen = 10
+
+	expect(t, `out = bytes(0)`, make([]byte, 0))
+	expect(t, `out = bytes(10)`, make([]byte, 10))
+	expectError(t, `bytes(11)`, "bytes size limit")
+
+	tengo.MaxBytesLen = 1000
+	expect(t, `out = bytes(1000)`, make([]byte, 1000))
+	expectError(t, `bytes(1001)`, "bytes size limit")
+}