Merge pull request #264 from BrianPugh/oob

Security Fix: Prevent OOB window buffer access when decompressing a malicious pattern match at end of window buffer.

Author: BrianPugh

ctests/test_decompressor.c

@@ -67,3 +67,29 @@ void test_decompressor_byte_by_byte(void) {
 
     TEST_ASSERT_EQUAL_STRING("foo foo foo", output_buffer_complete);
 }
+
+void test_decompressor_malicious_oob(void) {
+    /*****
+     * Tests the decompressor if we feed in a pattern at position WINDOW_SIZE - 1.
+     * The compressor should never generate this.
+     */
+    const unsigned char compressed[] = {
+        0b01011000,  // header (window_bits=10, literal_bits=8)
+        0b00111111,  // pattern of length 2 at WINDOW_SIZE -1
+        0b11110000,  // 4 bits of zero-padding
+    };
+
+    tamp_res res;
+    TampDecompressor d;
+    unsigned char window_buffer[1 << 10];
+
+    res = tamp_decompressor_init(&d, NULL, window_buffer);
+    TEST_ASSERT_EQUAL(res, TAMP_OK);
+
+    unsigned char output_buffer[32];
+    size_t output_written_size;
+
+    res = tamp_decompressor_decompress(&d, output_buffer, sizeof(output_buffer), &output_written_size, compressed,
+                                       sizeof(compressed), NULL);
+    TEST_ASSERT_EQUAL(res, TAMP_OOB);
+}

ctests/test_runner.c

@@ -16,6 +16,7 @@ int main(void) {
 
     // Decompressor tests
     RUN_TEST(test_decompressor_byte_by_byte);
+    RUN_TEST(test_decompressor_malicious_oob);
 
     // Compressor tests
     RUN_TEST(test_compressor_init);

poetry.lock

@@ -12,4 +12,5 @@ ERROR_LOOKUP = {
     ctamp.TAMP_ERROR: Exception,
     ctamp.TAMP_EXCESS_BITS: ExcessBitsError,
     ctamp.TAMP_INVALID_CONF: ValueError,
+    ctamp.TAMP_OOB: ValueError,
 }

tamp/_c_common.pyx

@@ -57,6 +57,9 @@ enum {
     TAMP_ERROR = -1,         // Generic error
     TAMP_EXCESS_BITS = -2,   // Provided symbol has more bits than conf->literal
     TAMP_INVALID_CONF = -3,  // Invalid configuration parameters.
+    TAMP_OOB = -4,           // Out-of-bounds access detected in compressed data.
+                             // Indicates malicious or corrupted input data attempting to
+                             // reference memory outside the decompressor window buffer.
 };
 typedef int8_t tamp_res;
 

tamp/_c_src/tamp/common.h

@@ -192,11 +192,23 @@ tamp_res tamp_decompressor_decompress_cb(TampDecompressor *decompressor, unsigne
             match_size += decompressor->min_pattern_size;
             window_offset = bit_buffer >> (32 - decompressor->conf_window);
 
+            // Security check: validate that the pattern reference (offset + size) does not
+            // exceed window bounds. Malicious compressed data could craft out-of-bounds
+            // references to read past the window buffer, potentially leaking memory.
+            // Cast to uint32_t prevents signed integer overflow.
+            const uint32_t window_size = (1u << decompressor->conf_window);
+            if (TAMP_UNLIKELY((uint32_t)window_offset >= window_size ||
+                              (uint32_t)window_offset + (uint32_t)match_size > window_size)) {
+                return TAMP_OOB;
+            }
+
             // Apply skip_bytes
             match_size_skip = match_size - decompressor->skip_bytes;
             window_offset_skip = window_offset + decompressor->skip_bytes;
 
-            // Check if we are output-buffer-limited, and if so to set skip_bytes
+            // Check if we are output-buffer-limited, and if so to set skip_bytes.
+            // Next tamp_decompressor_decompress_cb we will re-decode the same
+            // token, and skip the first skip_bytes of it.
             // Otherwise, update the decompressor buffers
             size_t remaining = output_end - output;
             if (TAMP_UNLIKELY((uint8_t)match_size_skip > remaining)) {

tamp/_c_src/tamp/decompressor.c

@@ -21,6 +21,7 @@ cdef extern from "tamp/common.h":
         TAMP_ERROR = -1,  # Generic error
         TAMP_EXCESS_BITS = -2,  # Provided symbol has more bits than conf->literal
         TAMP_INVALID_CONF = -3,  # Invalid configuration parameters.
+        TAMP_OOB = -4,  # Out-of-bounds access detected in compressed data.
 
     void initialize_dictionary(unsigned char *buffer, size_t size, uint32_t seed);
     int compute_min_pattern_size(uint8_t window, uint8_t literal);

tamp/ctamp.pxd

@@ -7,27 +7,36 @@
 except ImportError:
     micropython = None
 
+_app_kwargs = {}
+
 try:
     from unittest.mock import patch
 
     from tamp.cli.main import app
 except ImportError:
     pass
+else:
+    from importlib.metadata import version
+
+    from packaging.version import Version
+
+    _cyclopts_version = Version(version("cyclopts"))
+    _app_kwargs = {"result_action": "return_value"} if _cyclopts_version >= Version("4.0.0") else {}
 
 compressed_foo_foo_foo = bytes(
     # fmt: off
     [
         0b010_11_00_0,  # header (window_bits=10, literal_bits=8)
-        0b1_0110011,    # literal "f"
+        0b1_0110011,  # literal "f"
         0b0_0_0_00100,  # the pre-init buffer contains "oo" at index 131
-                        # size=2 -> 0b0
-                        # 131 -> 0b0010000011
-        0b00011_1_00,   # literal " "
-        0b100000_0_1,   # There is now "foo " at index 0
-        0b000_00000,    # size=4 -> 0b1000
-        0b00000_0_11,   # Just "foo" at index 0; size=3 -> 0b11
-        0b00000000,     # index 0 -> 0b0000000000
-        0b00_000000,    # 6 bits of zero-padding
+        # size=2 -> 0b0
+        # 131 -> 0b0010000011
+        0b00011_1_00,  # literal " "
+        0b100000_0_1,  # There is now "foo " at index 0
+        0b000_00000,  # size=4 -> 0b1000
+        0b00000_0_11,  # Just "foo" at index 0; size=3 -> 0b11
+        0b00000000,  # index 0 -> 0b0000000000
+        0b00_000000,  # 6 bits of zero-padding
     ]
     # fmt: on
 )
@@ -42,14 +51,14 @@ def test_compress_file_to_stdout(self):
             test_file.write_bytes(b"foo foo foo")
 
             with patch("sys.stdout.buffer.write") as mock_stdout:
-                app(["compress", str(test_file)])
+                app(["compress", str(test_file)], **_app_kwargs)
                 mock_stdout.assert_called_once_with(compressed_foo_foo_foo)
 
     def test_compress_stdin_to_stdout(self):
         with patch("sys.stdout.buffer.write") as mock_stdout, patch(
             "sys.stdin.buffer.read", return_value="foo foo foo"
         ):
-            app("compress")
+            app("compress", **_app_kwargs)
             mock_stdout.assert_called_once_with(compressed_foo_foo_foo)
 
     def test_decompress_file_to_stdout(self):
@@ -58,14 +67,14 @@ def test_decompress_file_to_stdout(self):
             test_file = tmp_dir / "test_input.tamp"
             test_file.write_bytes(compressed_foo_foo_foo)
             with patch("sys.stdout.buffer.write") as mock_stdout:
-                app(["decompress", str(test_file)])
+                app(["decompress", str(test_file)], **_app_kwargs)
                 mock_stdout.assert_called_once_with(b"foo foo foo")
 
     def test_decompress_stdin_to_stdout(self):
         with patch("sys.stdout.buffer.write") as mock_stdout, patch(
             "sys.stdin.buffer.read", return_value=compressed_foo_foo_foo
         ):
-            app("decompress")
+            app("decompress", **_app_kwargs)
             mock_stdout.assert_called_once_with(b"foo foo foo")
 
     def test_decompress_stdin_to_file(self):
@@ -74,5 +83,5 @@ def test_decompress_stdin_to_file(self):
             test_file = tmp_dir / "test_output.txt"
 
             with patch("sys.stdin.buffer.read", return_value=compressed_foo_foo_foo):
-                app(["decompress", "-o", str(test_file)])
+                app(["decompress", "-o", str(test_file)], **_app_kwargs)
             self.assertEqual(test_file.read_text(), "foo foo foo")

tests/test_cli.py

@@ -153,6 +153,8 @@ export class TampDecompressor {
    * Decompress a chunk of data
    * @param input - Compressed input data
    * @returns Promise resolving to decompressed data
+   * @throws {RangeError} When compressed data contains out-of-bounds references
+   * @throws {DecompressionError} When decompression fails
    */
   decompress(input: Uint8Array): Promise<Uint8Array>;
 
@@ -197,6 +199,8 @@ export function compress(data: Uint8Array, options?: TampCallbackOptions): Promi
  * @param data - Compressed data to decompress
  * @param options - Decompression options
  * @returns Promise resolving to decompressed data
+ * @throws {RangeError} When compressed data contains out-of-bounds references or invalid configuration
+ * @throws {DecompressionError} When decompression fails
  */
 export function decompress(data: Uint8Array, options?: TampOptions): Promise<Uint8Array>;
 

wasm/src/tamp.d.ts

@@ -9,6 +9,7 @@ import TampModule from './tamp-module.mjs';
 const TAMP_ERROR = -1;
 const TAMP_EXCESS_BITS = -2;
 const TAMP_INVALID_CONF = -3;
+const TAMP_OOB = -4;
 
 class TampError extends Error {
   constructor(code, message, details = {}) {
@@ -79,6 +80,8 @@ function throwOnError(result, operation) {
         throw new ExcessBitsError(`${operation}: Symbol has more bits than configured literal size`, details);
       case TAMP_INVALID_CONF:
         throw new RangeError(`${operation}: Invalid configuration parameters`);
+      case TAMP_OOB:
+        throw new RangeError(`${operation}: Out-of-bounds access detected in compressed data`);
       case TAMP_ERROR:
       default:
         if (operation.toLowerCase().includes('compress')) {