May 2, 2022

@phoddie phoddie released this 19 May 17:13
· 3276 commits to public since this release

This release contains changes to the Moddable SDK from April 2 to May 2, 2022. There are two major areas of focus in this release:

  1. Hardening XS. There has been a great deal of work recently to improve the robustness of our XS JavaScript engine. This work has been done together with Agoric and independent researchers. The majority of issues have been uncovered using the Fuzzilli fuzzing engine with customizations to target specific details of XS. Most of the vulnerabilities found are extremely difficult to trigger in normal operation and none have been demonstrated to be exploitable. All have been fixed. The majority of issues were found using a special build of xst, the XS test tool. Check out the Hardening XS page for more information.
  2. Ecma-419 networking. Work is well underway on the 2nd Edition of Ecma-419, the ECMAScript Embedded Systems API Specification. One of the key goals of the 2nd Edition is to specify standard APIs for common network protocols. There are now proposals in place for HTTP, WebSocket, and MQTT. The Moddable SDK contains implementations for each of those, together with high-level implementations of Fetch and WebSockets from HTML, and the MQTT module used with Node. These bring APIs familiar to web developers to embedded. See below for details.

The following is a summary of the changes. Thank you to everyone who contributed!

  • XS
    • Vulnerabilities
      • Fix vulnerability in ArrayBuffer.fromBigInt with negative minBytes argument
      • Fix "Out-of-bounds Read in fxUint8Getter" vulnerability. Reported by @Q1IQ and @P1umer. #896
      • Fix vulnerability caused by RegExp engine not initializing capture reference name in one code path
      • Fix garbage collector triggered vulnerabilities
        • String.prototype.normalize
        • String.prototype.indexOf
        • String.prototype.lastIndexOf
        • Compartment constructor
        • Promise constructor
        • Accessing arguments
      • Fix vulnerabilities reported by @arirubinstein of Agoric
        • "AddressSanitizer: memcpy-param-overlap (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x3db88) in __asan_memcpy+0xbc" #889
        • "AddressSanitizer: global-buffer-overflow xsBigInt.c:936 in fxBigInt_ffs" #890
        • "AddressSanitizer: heap-buffer-overflow (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x3dc70) in __asan_memcpy+0x1a4" #891
        • "AddressSanitizer: stack-overflow xsLexical.c in fxGetNextCode" #892
    • Fix lockdown when Date has index property
    • Fix obscure case where colors of objects in ROM were confused with instance alias
    • Fix "Built-in function %ThrowTypeError% is incorrectly recognized as a constructor" conformance issue. Reported by @gibson042. #903
    • Fix Function.prototype.bind to work with proxies
    • Snapshots
      • Properly reload tagged templates
      • Zero unused trailing chunk bytes to support deterministic snapshots
    • mxNoChunks option now works with over-allocated arrays
    • Migrate Hardened JavaScript (also known as Secure ECMAScript) functions from xsnap to xs/xsLockdown.c so they can be used more widely
  • Runtime
    • Ecma-419
    • Graphics and UI
      • BMP writer now supports writing 32-bit BMP images. png2bmp can now output 32-bit BMP images from PNG with alpha.
      • Optimize redraw of centered content in Piu by correctly checking that it is constrained
    • Fix analog audio output on ESP-IDF 4.4 (broken by API changes in ESP-IDF)
    • Update to more recent commit on ESP-IDF 4.4 to get analog audio fixes
    • xsbug connection was incorrectly marked as verified on ESP32, ESP8266, and Pico
    • Build changes to allow xsbug to work with ESP32-S3 board. Reported by @liurenqiu520. #902
  • Tools
    • Resolve xsbug crash when null character received from debug target
    • Fix memory leak in Piu PC which caused xsbug to exhaust memory after running for a long time
    • xsbug uses Maps instead of object properties to maintain list of paths for cached eval code. Faster and more scalable for long test runs.
    • When building xst on macOS, use a much bigger margin to check for pending stack overflows to account for unexpectedly huge stack frame of XS run loop (fxRunID) in debug builds (nearly 90 KB on 64-bit ARM!)
    • TypeScript type declaration files for BLE and HID peripherals. Contributed by @chigix. #901
  • Documentation
    • BLE updates to use Class Client consistently. Contributed by @chigix. #901