Removed C# classes to Aphid, added XML support.

BadParser/BadParser.csproj

@@ -44,10 +44,8 @@
     <Reference Include="System.Xml" />
   </ItemGroup>
   <ItemGroup>
-    <Compile Include="Widget.cs" />
     <Compile Include="Program.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
-    <Compile Include="WidgetVector.cs" />
   </ItemGroup>
   <ItemGroup>
     <None Include="App.config">
@@ -99,6 +97,32 @@
       <Name>Components.Aphid</Name>
     </ProjectReference>
   </ItemGroup>
+  <ItemGroup>
+    <Content Include="test.xml">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </Content>
+    <Content Include="test_0xdead0001.xml">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </Content>
+    <Content Include="test_0xdead0002.xml">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </Content>
+    <Content Include="test_0xdead0003.xml">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </Content>
+    <Content Include="test_0xdead0004.xml">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </Content>
+    <Content Include="test_0xdead0005.xml">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </Content>
+    <Content Include="test_0xdead0006.xml">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </Content>
+    <Content Include="test_0xdead0007.xml">
+      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
+    </Content>
+  </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
        Other similar extension points exist, see Microsoft.Common.targets.

BadParser/Program.cs

@@ -5,6 +5,7 @@
 using System.IO;
 using System.Linq;
 using System.Reflection;
+using System.Reflection.Emit;
 using System.Text;
 using System.Threading.Tasks;
 using System.Web.Script.Serialization;

BadParser/Scripts/Components.alx

@@ -10,7 +10,6 @@ using System.Linq;
 using System.Runtime.InteropServices;
 using Components.Aphid.Interpreter;
 using Components.Aphid.Library;
-using BadParser;
 
 print = Console.WriteLine;
 head = @{
@@ -29,15 +28,4 @@ isSeq = @()
         .GetInterface("IEnumerable") != null;
 
 createBuffer = //Hack for creating byte array
-    @Array.CreateInstance(Convert.ToByte(0x0).GetType());
-
-loadExe = @() '.\\..\\bin\\Debug\\BadParser.exe' |> Path.GetFullPath |> Assembly.LoadFrom;
-
-init = @{
-    entry = Assembly.GetEntryAssembly().Location |> Path.GetFileName;
-
-    if (entry != "BadParser.exe") {
-        print('Loading exe');
-        loadExe();
-    }
-};
+    @Array.CreateInstance(Convert.ToByte(0x0).GetType());

BadParser/Scripts/VulnerabilitySimulation.alx

@@ -27,7 +27,7 @@ createVulnerabilitySimulator = @{
     _v(checkBufferNull, $_.Buffer == null);
     _n = nextVulnNumber();
     v.checkWidgetCount = @{ if (isSeq($_) && $_.Length > 0x100) crash(_n) };
-    _v(checkVariant, $_.Variant.GetType().IsArray);
+    _v(checkVariant, !$_.Variant.GetType().IsSealed);
 
     ret v;
 };
@@ -45,10 +45,8 @@ runAllChecks = @(w) {
     print('Done');
 }; 
 
-
-head('Bad Parser 1.2');
+head('BadParser 1.3');
 print();
-init();
 args = Environment.GetCommandLineArgs();
 argOffset = (args[0] |> Path.GetFileName).ToLower() == 'aphid.exe' ? 1 : 0;
 fileOffset = 1 + argOffset;
@@ -70,18 +68,22 @@ print("Loading test file '{0}'", file);
 ext = file |> Path.GetExtension;
 
 widgets;
+read;
 
 switch (ext.ToLower()) {
-    ".json": {
-        print('Deserializing JSON');
-        widgets = file |> readWidget.json
-    }
+    ".json": read = readWidget.json;
+    ".xml": read = readWidget.xml;
     default: {
         print("Cannot deserialize file with unknown extension '{0}'", ext);
         Environment.Exit(3);
     }
 }
 
+widgets = file |> read;
+
+ext.Substring(1).ToUpper() |> @print('Deserializing {0}');
+
 print('{0} widgets loaded\r\n', widgets.Length);
-widgets for print('{0}', $_);
+widgets for $_ |> dumpWidget @print('{0}');
+print();
 widgets |> runAllChecks;

BadParser/Scripts/Widgets.alx

@@ -1,6 +1,29 @@
 load System.Web.Extensions;
+load System.Xml;
+using System;
+using System.Xml.Serialization;
 using System.Web.Script.Serialization;
 
+class of long WidgetVector { X, Y };
+
+class Widget {
+    string Name,
+    WidgetVector Position,
+    byte set Buffer,
+    Variant,
+};
+
+dumpVector = @() String.Format('X={0}, Y={1}', $_.X, $_.Y);
+
+dumpWidget = @() String.Format(
+    '{0}, {{ {1} }}, Buffer Size={2}, Variant={3}',
+    [
+        $_.Name,
+        $_.Position != null ? $_.Position |> dumpVector : '[Position null]',
+        $_.Buffer != null ? $_.Buffer.Length : '[Buffer null]',
+        $_.Variant != null ? $_.Variant : '[Variant null]'
+    ]);
+
 createWidget = @{
     w = new Widget();
     w.Name = 'Test Widget';
@@ -16,5 +39,19 @@ createWidget = @{
 _widgetType = macro(@{ (new Widget()).GetType().MakeArrayType()});
 
 readWidget = {
-    json: @() (new JavaScriptSerializer()).Deserialize($_ |> File.ReadAllText, _widgetType())
+    json: @() (new JavaScriptSerializer()).Deserialize($_ |> File.ReadAllText, _widgetType()),
+    xml: @{
+        s = $_ |> File.OpenRead;
+        attrs = new XmlAttributes();
+        attrs.XmlElements.Add(new XmlElementAttribute("Int", Type.GetType("System.Int32")));
+        attrs.XmlElements.Add(new XmlElementAttribute("String", Type.GetType("System.String")));
+        attrs.XmlElements.Add(new XmlElementAttribute("Widget", createWidget().GetType()));
+        overrides = new XmlAttributeOverrides();
+        overrides.Add(createWidget().GetType(), "Variant", attrs);
+        xmlSerializer = new XmlSerializer(_widgetType(), overrides);
+        x = xmlSerializer.Deserialize(s);
+        s.Dispose();
+
+        ret x;
+    },
 }

BadParser/test.xml

@@ -0,0 +1,21 @@
+<?xml version="1.0"?>
+<ArrayOfWidget xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Widget>
+    <Name>Foo Widget</Name>
+    <Position>
+      <X>10</X>
+      <Y>20</Y>
+    </Position>
+    <Buffer>ChQeKA==</Buffer>
+    <Int>100</Int>
+  </Widget>
+  <Widget>
+    <Name>Bar Widget</Name>
+    <Position>
+      <X>100</X>
+      <Y>55</Y>
+    </Position>
+    <Buffer>MjxGUFpkbng=</Buffer>
+    <String>Hello world</String>
+  </Widget>
+</ArrayOfWidget>

BadParser/test_0xdead0001.xml

@@ -0,0 +1,21 @@
+<?xml version="1.0"?>
+<ArrayOfWidget xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Widget>
+    <Name>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA</Name>
+    <Position>
+      <X>10</X>
+      <Y>20</Y>
+    </Position>
+    <Buffer>ChQeKA==</Buffer>
+    <Int>100</Int>
+  </Widget>
+  <Widget>
+    <Name>Bar Widget</Name>
+    <Position>
+      <X>100</X>
+      <Y>55</Y>
+    </Position>
+    <Buffer>MjxGUFpkbng=</Buffer>
+    <String>Hello world</String>
+  </Widget>
+</ArrayOfWidget>

BadParser/test_0xdead0002.xml

@@ -0,0 +1,21 @@
+<?xml version="1.0"?>
+<ArrayOfWidget xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Widget>
+    <Name>Foo Widget</Name>
+    <Position>
+      <X>9223372036854775807</X>
+      <Y>20</Y>
+    </Position>
+    <Buffer>ChQeKA==</Buffer>
+    <Int>100</Int>
+  </Widget>
+  <Widget>
+    <Name>Bar Widget</Name>
+    <Position>
+      <X>100</X>
+      <Y>55</Y>
+    </Position>
+    <Buffer>MjxGUFpkbng=</Buffer>
+    <String>Hello world</String>
+  </Widget>
+</ArrayOfWidget>

BadParser/test_0xdead0003.xml

@@ -0,0 +1,21 @@
+<?xml version="1.0"?>
+<ArrayOfWidget xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Widget>
+    <Name>Foo Widget</Name>
+    <Position>
+      <X>10</X>
+      <Y>-1024</Y>
+    </Position>
+    <Buffer>ChQeKA==</Buffer>
+    <Int>100</Int>
+  </Widget>
+  <Widget>
+    <Name>Bar Widget</Name>
+    <Position>
+      <X>100</X>
+      <Y>55</Y>
+    </Position>
+    <Buffer>MjxGUFpkbng=</Buffer>
+    <String>Hello world</String>
+  </Widget>
+</ArrayOfWidget>

BadParser/test_0xdead0004.xml

@@ -0,0 +1,21 @@
+<?xml version="1.0"?>
+<ArrayOfWidget xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Widget>
+    <Name>Foo Widget</Name>
+    <Position>
+      <X>10</X>
+      <Y>20</Y>
+    </Position>
+    <Buffer>QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQQ==</Buffer>
+    <Int>100</Int>
+  </Widget>
+  <Widget>
+    <Name>Bar Widget</Name>
+    <Position>
+      <X>100</X>
+      <Y>55</Y>
+    </Position>
+    <Buffer>MjxGUFpkbng=</Buffer>
+    <String>Hello world</String>
+  </Widget>
+</ArrayOfWidget>

BadParser/test_0xdead0005.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0"?>
+<ArrayOfWidget xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
+  <Widget>
+    <Name>Foo Widget</Name>
+    <Position>
+      <X>10</X>
+      <Y>20</Y>
+    </Position>
+    <Int>100</Int>
+  </Widget>
+  <Widget>
+    <Name>Bar Widget</Name>
+    <Position>
+      <X>100</X>
+      <Y>55</Y>
+    </Position>
+    <Buffer>MjxGUFpkbng=</Buffer>
+    <String>Hello world</String>
+  </Widget>
+</ArrayOfWidget>